Flawww / NtSyscallerView external linksLinks
Manually perform syscalls without going through any external API or DLL.
☆19Apr 19, 2023Updated 2 years ago
Alternatives and similar repositories for NtSyscaller
Users that are interested in NtSyscaller are comparing it to the libraries listed below
Sorting:
- Dynamically generated obfuscated jumps and/or function calls☆38Apr 19, 2023Updated 2 years ago
- Research of modifying exported function names at runtime (C/C++, Windows)☆18May 28, 2024Updated last year
- This POC provides the possibilty to execute x86 shellcode in form of a .bin file based on x86 inline assembly☆20Apr 17, 2023Updated 2 years ago
- Another Portable Executable files analysing stuff☆21May 28, 2011Updated 14 years ago
- Small tool to play with IOCs caused by Imageload events☆44May 14, 2023Updated 2 years ago
- A simple PoC of injection shellcode into a remote process and get the output using namepipe☆44Jan 10, 2024Updated 2 years ago
- PsSetCreateProcessNotifyRoutine/Ex/Ex2 hook☆12May 30, 2024Updated last year
- ProcExp Driver (Ab)use☆22Dec 28, 2022Updated 3 years ago
- Modified versions of the Cobalt Strike Process Injection Kit☆105Jan 24, 2024Updated 2 years ago
- Attempt to use WFP for proxy interception☆10Jan 13, 2019Updated 7 years ago
- ☆12Jul 2, 2023Updated 2 years ago
- Learn Winapi in this Repo with examples, to understand its abstraction in reverse engineering for Windows.☆11Aug 8, 2022Updated 3 years ago
- ☆11Jul 11, 2023Updated 2 years ago
- ☆12Jun 22, 2022Updated 3 years ago
- A pure C version of SymProcAddress☆30Mar 17, 2024Updated last year
- ☆14Mar 30, 2022Updated 3 years ago
- havoc2nginx is a simple python script that converts Havoc Framework's yaotl malleable c2 profile to Nginx configuration file format. Most…☆12May 8, 2023Updated 2 years ago
- red team tips and trix☆12Jun 27, 2025Updated 7 months ago
- Tool for obtaining information about PPL processes☆16Feb 12, 2024Updated 2 years ago
- Ready-to-use headers for Windows Kernel SSDT indices☆11Apr 12, 2020Updated 5 years ago
- IAT Unhooking proof-of-concept☆34Apr 7, 2024Updated last year
- ☆14Nov 29, 2021Updated 4 years ago
- ☆18Jun 25, 2024Updated last year
- Simple website to automatically generate string encryption/decryption routines for C#☆10Feb 12, 2022Updated 4 years ago
- A proof-of-concept DLL that prints out the password a user enters into Veracrypt while decrypting a volume.☆15Oct 26, 2018Updated 7 years ago
- Windbg extension port for rp++ is a fast C++ ROP gadget finder for PE/ELF/Mach-O x86/x64/ARM/ARM64 binaries.☆13Sep 8, 2023Updated 2 years ago
- Disable PPL via custom driver and dump lsass☆15Mar 13, 2021Updated 4 years ago
- iSwordSDK (Provide Powerful Kernel API For Ring3 Applications)☆15Mar 25, 2022Updated 3 years ago
- Nice try reading NTDLL from disk, nerd.☆19Apr 18, 2022Updated 3 years ago
- Tutorial covering how to discover DLLs for Hijacking and how to create proxy DLLS using Microsoft Teams as an example☆16Apr 7, 2021Updated 4 years ago
- Remote Template Injection Toolkit☆48Apr 7, 2024Updated last year
- A simple BOF (Beacon Object File) to search files in the system☆15Dec 2, 2023Updated 2 years ago
- Single header library to simplify the usage of direct syscalls. x64/x86☆14Feb 26, 2023Updated 2 years ago
- Just another Process Injection using Process Hollowing technique.☆19Sep 18, 2023Updated 2 years ago
- ☆35Sep 13, 2022Updated 3 years ago
- CobaltStrike Aggressor Script to utilise FuzzySec's Windows Notification Framework Research to Spawn a Shell under Explorer.exe☆16Jul 6, 2019Updated 6 years ago
- Beacon Object Files used for Cobalt Strike☆19Jul 18, 2023Updated 2 years ago
- ☆20May 1, 2023Updated 2 years ago
- ☆16Oct 31, 2022Updated 3 years ago