Manually perform syscalls without going through any external API or DLL.
☆19Apr 19, 2023Updated 2 years ago
Alternatives and similar repositories for NtSyscaller
Users that are interested in NtSyscaller are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Dynamically generated obfuscated jumps and/or function calls☆38Apr 19, 2023Updated 2 years ago
- This POC provides the possibilty to execute x86 shellcode in form of a .bin file based on x86 inline assembly☆20Apr 17, 2023Updated 2 years ago
- Another Portable Executable files analysing stuff☆21May 28, 2011Updated 14 years ago
- Small tool to play with IOCs caused by Imageload events☆44May 14, 2023Updated 2 years ago
- Research of modifying exported function names at runtime (C/C++, Windows)☆18May 28, 2024Updated last year
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- PsSetCreateProcessNotifyRoutine/Ex/Ex2 hook☆13May 30, 2024Updated last year
- Modified versions of the Cobalt Strike Process Injection Kit☆106Jan 24, 2024Updated 2 years ago
- Ready-to-use headers for Windows Kernel SSDT indices☆11Apr 12, 2020Updated 5 years ago
- Tool for obtaining information about PPL processes☆16Feb 12, 2024Updated 2 years ago
- IAT Unhooking proof-of-concept☆34Apr 7, 2024Updated last year
- A simple PoC of injection shellcode into a remote process and get the output using namepipe☆45Jan 10, 2024Updated 2 years ago
- ProcExp Driver (Ab)use☆22Dec 28, 2022Updated 3 years ago
- A pure C version of SymProcAddress☆30Mar 17, 2024Updated 2 years ago
- POC - x64 injector -> x86 injectee dll injector☆15Apr 4, 2024Updated last year
- Open source password manager - Proton Pass • AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- Code snippets to add on top of cobalt strike sleepmask kit so that ekko can work in a CFG protected process☆49Mar 15, 2023Updated 3 years ago
- Simple website to automatically generate string encryption/decryption routines for C#☆10Feb 12, 2022Updated 4 years ago
- ☆25Apr 28, 2024Updated last year
- ☆14Nov 29, 2021Updated 4 years ago
- Classic Bofa adapted to CobaltStrike.☆11Oct 4, 2022Updated 3 years ago
- Former Multi - Ring to Kernel To UserMode Transitional Shellcode For Remote Kernel Exploits☆31Jun 14, 2022Updated 3 years ago
- improving zerosums smbdoor - a silent remote backdoor which abuses undoc. APIs in srvnet.sys☆49Mar 10, 2023Updated 3 years ago
- 🗡️ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python☆45Feb 6, 2026Updated last month
- Attempt to use WFP for proxy interception☆10Jan 13, 2019Updated 7 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- XOR decrypting shellcode using the GPU with OpenCL.☆121May 22, 2025Updated 10 months ago
- Disable PPL via custom driver and dump lsass☆15Mar 13, 2021Updated 5 years ago
- Command and Control (C2) framework☆132May 16, 2025Updated 10 months ago
- This is a simple project made to evade https://github.com/thefLink/Hunt-Sleeping-Beacons by using a busy wait instead of beacon's built i…☆36Jan 15, 2022Updated 4 years ago
- A work in progress BOF/COFF loader in Rust☆50Mar 22, 2023Updated 3 years ago
- Nice try reading NTDLL from disk, nerd.☆19Apr 18, 2022Updated 3 years ago
- Run Cobalt Strike BOFs in Brute Ratel C4!☆86Apr 15, 2025Updated 11 months ago
- Demo to show how write ALPC Client & Server using native Ntdll.dll syscalls.☆21Jan 25, 2022Updated 4 years ago
- ☆12Jul 2, 2023Updated 2 years ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- red team tips and trix☆12Jun 27, 2025Updated 9 months ago
- A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles.☆66May 2, 2023Updated 2 years ago
- ☆12Jul 11, 2023Updated 2 years ago
- ☆12Jun 22, 2022Updated 3 years ago
- A kernel level driver for Windows built to configure the Blue Screen Of Death☆21Jul 30, 2021Updated 4 years ago
- Tutorial covering how to discover DLLs for Hijacking and how to create proxy DLLS using Microsoft Teams as an example☆16Apr 7, 2021Updated 4 years ago
- Windbg extension port for rp++ is a fast C++ ROP gadget finder for PE/ELF/Mach-O x86/x64/ARM/ARM64 binaries.☆13Sep 8, 2023Updated 2 years ago