Alternatives and similar repositories for Ntdll-Unhook:

Users that are interested in Ntdll-Unhook are comparing it to the libraries listed below

• Offensive-Panda / D3MPSEC
  "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c…
  ☆24Updated 4 months ago
• caueb / ThreadlessStompingKann
  Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.
  ☆39Updated last year
• pygrum / gimmick
  Section-based payload obfuscation technique for x64
  ☆59Updated 6 months ago
• EvilBytecode / Nyx-Full-Dll-Unhook
  (EDR) Dll Unhooking = kernel32.dll, kernelbase.dll, ntdll.dll, user32.dll, apphelp.dll, msvcrt.dll.
  ☆18Updated 6 months ago
• EspressoCake / DefenderPathExclusions
  Creation and removal of Defender path exclusions and exceptions in C#.
  ☆30Updated last year
• OffenseTeacher / Steganim
  ☆47Updated last year
• Cracked5pider / kaine-assembly
  a demo module for the kaine agent to execute and inject assembly modules
  ☆38Updated 5 months ago
• MaorSabag / HollowMask
  Just another Process Injection using Process Hollowing technique.
  ☆16Updated last year
• a7t0fwa7 / SymProcSleuth
  A pure C version of SymProcAddress
  ☆25Updated 10 months ago
• Teach2Breach / dll2shell
  converts sRDI compatible dlls to shellcode
  ☆20Updated 3 weeks ago
• affix / rusty-hollow
  Unix Process hollowing in rust
  ☆20Updated last month
• jojonas / SharpSAMDump
  SAM Dumping in C#
  ☆41Updated last month
• b4rth0v5k1 / EarlyBirdNTDLL
  ☆36Updated 2 years ago
• HulkOperator / AuthStager
  ☆52Updated 3 months ago
• scrt / KexecDDPlus
  Exploiting the KsecDD Windows driver through Server Silos
  ☆49Updated 3 months ago
• Orange-Cyberdefense / EDRSnowblast
  This project is an EDRSandblast fork, adding some features and custom pieces of code.
  ☆22Updated last year
• cpu0x00 / EternelSuspention
  a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless
  ☆38Updated 7 months ago
• waawaa / Hooked-Injector
  Hooked create process injection for meterpreter
  ☆23Updated 3 years ago
• passthehashbrowns / Being-A-Good-CLR-Host
  ☆48Updated 3 weeks ago
• susMdT / AceLdr
  Cobalt Strike UDRL for memory scanner evasion.
  ☆46Updated last year
• ShorSec / DllNotificationInjection
  A POC of a new “threadless” process injection technique that works by utilizing the concept of DLL Notification Callbacks in local and re…
  ☆21Updated last year
• mr-r3bot / bof-modules
  BOF for C2 framework
  ☆39Updated 3 months ago
• C5Hackr / c_syscalls
  https://github.com/janoglezcampos/c_syscalls with the ASM rewritten by myself for Visual Studio's Compiler.
  ☆30Updated 7 months ago
• kapellos / VladimiRED
  ☆17Updated last month
• zimnyaa / smbsocks
  A simple rpc2socks alternative in pure Go.
  ☆28Updated 7 months ago
• EvilBytecode / PPID-Spoofing
  Parent Process ID Spoofing, coded in CGo.
  ☆22Updated 7 months ago
• gerbsec / SmokeyObfuscator
  Rewrite to fit my needs
  ☆27Updated 6 months ago
• GetRektBoy724 / SyscallShuffler
  Your NTDLL vaccine from modern direct syscall methods.
  ☆35Updated 2 years ago