GetRektBoy724/SharpHalos external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

GetRektBoy724/SharpHalos

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/GetRektBoy724/SharpHalos)

Close

GetRektBoy724 / SharpHalosView on GitHubMore

• External links
• Readme badge

My implementation of Halo's Gate technique in C#

☆54Apr 20, 2022Updated 3 years ago

Alternatives and similar repositories for SharpHalos

Users that are interested in SharpHalos are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• GetRektBoy724 / HalosUnhooker

  View on GitHub
  Halos Gate-based NTAPI Unhooker
  ☆52Apr 21, 2022Updated 3 years ago
• GetRektBoy724 / SysGate

  View on GitHub
  One gate to all syscalls!
  ☆23Mar 12, 2022Updated 4 years ago
• GetRektBoy724 / TripleS

  View on GitHub
  Extracting Syscall Stub, Modernized
  ☆65Apr 2, 2022Updated 4 years ago
• GetRektBoy724 / SharpLoadLibrary

  View on GitHub
  An attempt to make a LoadLibrary designed for offensive operations, in C# obviously.
  ☆55Mar 3, 2022Updated 4 years ago
• GetRektBoy724 / SyscallShuffler

  View on GitHub
  Your NTDLL vaccine from modern direct syscall methods.
  ☆36Apr 5, 2022Updated 4 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
• GetRektBoy724 / Breaking-Detecting-Direct-Syscall-Techniques

  View on GitHub
  A repository filled with ideas to break/detect direct syscall techniques
  ☆26Apr 21, 2022Updated 3 years ago
• GetRektBoy724 / SharpUnhooker

  View on GitHub
  C# Based Universal API Unhooker
  ☆409Feb 18, 2022Updated 4 years ago
• susMdT / effective-waffle

  View on GitHub
  yet another sleep encryption thing. also used the default github repo name for this one.
  ☆69May 11, 2023Updated 2 years ago
• S3cur3Th1sSh1t / NimWinstaEveryoneAccess

  View on GitHub
  ☆10Jan 17, 2022Updated 4 years ago
• deepinstinct / AMSI-Unchained

  View on GitHub
  Unchain AMSI by patching the provider’s unmonitored memory space
  ☆91Nov 24, 2022Updated 3 years ago
• CymulateResearch / Blindside

  View on GitHub
  Utilizing hardware breakpoints to evade monitoring by Endpoint Detection and Response platforms
  ☆139Dec 20, 2022Updated 3 years ago
• waawaa / AMSI_Rubeus_bypass

  View on GitHub
  ☆72Aug 2, 2022Updated 3 years ago
• klezVirus / NimlineWhispers3

  View on GitHub
  A tool for converting SysWhispers3 syscalls for use with Nim projects
  ☆148Jun 2, 2022Updated 3 years ago
• RedTeamOperations / VEH-PoC

  View on GitHub
  ☆121Dec 23, 2022Updated 3 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
• fortra / hw-call-stack

  View on GitHub
  Use hardware breakpoints to spoof the call stack for both syscalls and API calls
  ☆203Jun 6, 2024Updated last year
• sbasu7241 / HellsGate

  View on GitHub
  Rewrote HellsGate in C# for fun and learning
  ☆86Feb 10, 2022Updated 4 years ago
• mgeeky / msi-shenanigans

  View on GitHub
  Proof of Concept code and samples presenting emerging threat of MSI installer files.
  ☆91Dec 15, 2022Updated 3 years ago
• passthehashbrowns / BOFMask

  View on GitHub
  ☆131Jun 28, 2023Updated 2 years ago
• rasta-mouse / DInvoke

  View on GitHub
  Dynamically invoke arbitrary unmanaged code from managed code without P/Invoke.
  ☆171Jan 25, 2024Updated 2 years ago
• nettitude / RunPE

  View on GitHub
  C# Reflective loader for unmanaged binaries.
  ☆445Jan 25, 2023Updated 3 years ago
• paranoidninja / Proxy-DLL-Loads

  View on GitHub
  The code is a pingback to the Dark Vortex blog:
  ☆186Jan 26, 2023Updated 3 years ago
• zimnyaa / noWatch

  View on GitHub
  Implant drop-in for EDR testing
  ☆147Nov 15, 2023Updated 2 years ago
• jackullrich / TRunPE

  View on GitHub
  A modified RunPE (process hollowing) technique avoiding the usage of SetThreadContext by appending a TLS section which calls the original…
  ☆97Sep 26, 2019Updated 6 years ago
• Simple, predictable pricing with DigitalOcean hosting • Ad
  Always know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
• klezVirus / SharpLdapRelayScan

  View on GitHub
  C# Port of LdapRelayScan
  ☆91Nov 26, 2025Updated 4 months ago
• wotwot563 / aad_prt_bof

  View on GitHub
  ☆160Apr 17, 2024Updated last year
• lem0nSec / Dsebler

  View on GitHub
  Reimplementation of the KExecDD DSE bypass technique.
  ☆61Sep 7, 2024Updated last year
• nettitude / TokenCert

  View on GitHub
  TokenCert
  ☆102Nov 15, 2024Updated last year
• Kara-4search / HookDetection_CSharp

  View on GitHub
  HookDetection
  ☆45Sep 3, 2021Updated 4 years ago
• S3cur3Th1sSh1t / NimGetSyscallStub

  View on GitHub
  Get fresh Syscalls from a fresh ntdll.dll copy
  ☆234Jan 28, 2022Updated 4 years ago
• GetRektBoy724 / NiceTryDLL

  View on GitHub
  Nice try reading NTDLL from disk, nerd.
  ☆19Apr 18, 2022Updated 3 years ago
• EspressoCake / BetterPipename

  View on GitHub
  Example of using Sleep to create better named pipes.
  ☆41Jul 25, 2023Updated 2 years ago
• SaadAhla / ntdlll-unhooking-collection

  View on GitHub
  different ntdll unhooking techniques : unhooking ntdll from disk, from KnownDlls, from suspended process, from remote server (fileless)
  ☆204Aug 2, 2023Updated 2 years ago
• End-to-end encrypted email - Proton Mail • Ad
  Special offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
• EspressoCake / PPLDump_BOF

  View on GitHub
  A faithful transposition of the key features/functionality of @itm4n's PPLDump project as a BOF.
  ☆143Sep 24, 2021Updated 4 years ago
• med0x2e / NTLMRelay2Self

  View on GitHub
  An other No-Fix LPE, NTLMRelay2Self over HTTP (Webdav).
  ☆416Jan 27, 2024Updated 2 years ago
• Hagrid29 / RemotePatcher

  View on GitHub
  Patch AMSI and ETW in remote process via direct syscall
  ☆86Apr 28, 2022Updated 3 years ago
• frkngksl / ParallelNimcalls

  View on GitHub
  Nim version of MDSec's Parallel Syscall PoC
  ☆124Apr 4, 2026Updated last week
• CCob / SQL-BOF

  View on GitHub
  Library of BOFs to interact with SQL servers
  ☆16Dec 6, 2024Updated last year
• ricardojoserf / NativeTokenImpersonate

  View on GitHub
  Impersonate Tokens using only NTAPI functions
  ☆84Apr 4, 2025Updated last year
• EspressoCake / DLL_Version_Enumeration_BOF

  View on GitHub
  A BOF for enumerating version information for DLLs associated for a Beacon process.
  ☆16Nov 23, 2021Updated 4 years ago