My implementation of Halo's Gate technique in C#
☆55Apr 20, 2022Updated 4 years ago
Alternatives and similar repositories for SharpHalos
Users that are interested in SharpHalos are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Halos Gate-based NTAPI Unhooker☆52Apr 21, 2022Updated 4 years ago
- One gate to all syscalls!☆23Mar 12, 2022Updated 4 years ago
- Extracting Syscall Stub, Modernized☆65Apr 2, 2022Updated 4 years ago
- An attempt to make a LoadLibrary designed for offensive operations, in C# obviously.☆55Mar 3, 2022Updated 4 years ago
- Your NTDLL vaccine from modern direct syscall methods.☆36Apr 5, 2022Updated 4 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- A repository filled with ideas to break/detect direct syscall techniques☆26Apr 21, 2022Updated 4 years ago
- C# Based Universal API Unhooker☆410Feb 18, 2022Updated 4 years ago
- yet another sleep encryption thing. also used the default github repo name for this one.☆69May 11, 2023Updated 3 years ago
- ☆10Jan 17, 2022Updated 4 years ago
- Unchain AMSI by patching the provider’s unmonitored memory space☆91Nov 24, 2022Updated 3 years ago
- Utilizing hardware breakpoints to evade monitoring by Endpoint Detection and Response platforms☆140Dec 20, 2022Updated 3 years ago
- ☆72Aug 2, 2022Updated 3 years ago
- A tool for converting SysWhispers3 syscalls for use with Nim projects☆148Jun 2, 2022Updated 3 years ago
- ☆121Dec 23, 2022Updated 3 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- Use hardware breakpoints to spoof the call stack for both syscalls and API calls☆203Jun 6, 2024Updated last year
- Rewrote HellsGate in C# for fun and learning☆86Feb 10, 2022Updated 4 years ago
- Proof of Concept code and samples presenting emerging threat of MSI installer files.☆91Dec 15, 2022Updated 3 years ago
- ☆131Jun 28, 2023Updated 2 years ago
- Dynamically invoke arbitrary unmanaged code from managed code without P/Invoke.☆171Jan 25, 2024Updated 2 years ago
- C# Reflective loader for unmanaged binaries.☆448Jan 25, 2023Updated 3 years ago
- The code is a pingback to the Dark Vortex blog:☆190Jan 26, 2023Updated 3 years ago
- Implant drop-in for EDR testing☆148Nov 15, 2023Updated 2 years ago
- A modified RunPE (process hollowing) technique avoiding the usage of SetThreadContext by appending a TLS section which calls the original…☆98Sep 26, 2019Updated 6 years ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- C# Port of LdapRelayScan☆93Nov 26, 2025Updated 5 months ago
- ☆164Apr 17, 2024Updated 2 years ago
- Reimplementation of the KExecDD DSE bypass technique.☆61Sep 7, 2024Updated last year
- TokenCert☆103Nov 15, 2024Updated last year
- HookDetection☆45Sep 3, 2021Updated 4 years ago
- Get fresh Syscalls from a fresh ntdll.dll copy☆236Jan 28, 2022Updated 4 years ago
- Nice try reading NTDLL from disk, nerd.☆19Apr 18, 2022Updated 4 years ago
- Example of using Sleep to create better named pipes.☆41Jul 25, 2023Updated 2 years ago
- different ntdll unhooking techniques : unhooking ntdll from disk, from KnownDlls, from suspended process, from remote server (fileless)☆204Aug 2, 2023Updated 2 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- A faithful transposition of the key features/functionality of @itm4n's PPLDump project as a BOF.☆143Sep 24, 2021Updated 4 years ago
- An other No-Fix LPE, NTLMRelay2Self over HTTP (Webdav).☆419Jan 27, 2024Updated 2 years ago
- Patch AMSI and ETW in remote process via direct syscall☆86Apr 28, 2022Updated 4 years ago
- Nim version of MDSec's Parallel Syscall PoC☆125Apr 4, 2026Updated last month
- Library of BOFs to interact with SQL servers☆16Dec 6, 2024Updated last year
- Impersonate Tokens using only NTAPI functions☆85Apr 4, 2025Updated last year
- A BOF for enumerating version information for DLLs associated for a Beacon process.☆16Nov 23, 2021Updated 4 years ago