EvilBytecode / Nyx-Full-Dll-Unhook
(EDR) Dll Unhooking = kernel32.dll, kernelbase.dll, ntdll.dll, user32.dll, apphelp.dll, msvcrt.dll.
☆16 Updated 3 months ago
Related projects
Alternatives and complementary repositories for Nyx-Full-Dll-Unhook
- Unhook Ntdll.dll, Go & C++. ☆14 Updated 3 months ago
- "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c… ☆21 Updated last month
- 🗡️ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python ☆40 Updated 8 months ago
- C# API for Nidhogg rootkit ☆16 Updated 6 months ago
- TypeLib persistence technique ☆68 Updated 2 weeks ago
- Ransomware written in Go, encrypt - decrypt. ☆16 Updated 4 months ago
- Section-based payload obfuscation technique for x64 ☆58 Updated 3 months ago
- A direct improvement to remote TLS Injection. ☆15 Updated 4 months ago
- Parent Process ID Spoofing, coded in CGo. ☆21 Updated 4 months ago
- Creation and removal of Defender path exclusions and exceptions in C#. ☆30 Updated last year
- Using LNK files and user input simulation to start processes under explorer.exe ☆23 Updated last month
- ☆35 Updated 2 weeks ago
- Explorer Persistence technique: Hijacking cscapi.dll order loading path and writing our malicious dll into C:\Windows\cscapi.dll, when … ☆67 Updated last year
- A malicious Golang Package ☆10 Updated 4 months ago
- Command and Control ☆21 Updated 2 months ago
- Classic Process Injection with Memory Evasion Techniques implementation ☆62 Updated last year
- A demo module for the kaine agent to execute and inject assembly modules ☆35 Updated 2 months ago
- A simple PoC of injecting shellcode into a remote process and getting the output using a named pipe ☆36 Updated 9 months ago
- Indirect Syscall implementation to bypass userland NTAPIs hooking. ☆54 Updated 2 months ago
- A reimplementation of Cobalt Strike's Beacon Object File (BOF) Loader ☆39 Updated 10 months ago
- In-memory sleep encryption and heap encryption for Go applications through a shellcode function. ☆39 Updated 9 months ago
- A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles. ☆55 Updated last year
- Windows AppLocker Driver (appid.sys) LPE ☆35 Updated 3 months ago
- Simple PoC to locate hooked functions by EDR in ntdll.dll ☆32 Updated last year
- DLL Hijacking and Mock directories technique to bypass Windows UAC security feature and getting high-level privileged reverse shell. Secu… ☆37 Updated 5 months ago
- HEVD Exploit: ArbitraryWrite on Windows 10 22H2 - Bypassing KVA Shadow and SMEP via PML4 Entry Manipulation ☆14 Updated 4 months ago
- This project is an EDRSandblast fork, adding some features and custom pieces of code. ☆20 Updated last year
- A (quite) simple steganography algorithm to hide shellcodes within bitmap image. ☆21 Updated 6 months ago