One gate to all syscalls!
☆23Mar 12, 2022Updated 4 years ago
Alternatives and similar repositories for SysGate
Users that are interested in SysGate are comparing it to the libraries listed below
Sorting:
- A repository filled with ideas to break/detect direct syscall techniques☆26Apr 21, 2022Updated 3 years ago
- My implementation of Halo's Gate technique in C#☆54Apr 20, 2022Updated 3 years ago
- Halos Gate-based NTAPI Unhooker☆52Apr 21, 2022Updated 3 years ago
- Extracting Syscall Stub, Modernized☆65Apr 2, 2022Updated 3 years ago
- Load shellcode via HELLGATE, Rewrite hellgate with .net framework for learning purpose.☆18Jan 21, 2022Updated 4 years ago
- Just another casual shellcode native loader☆25Feb 3, 2022Updated 4 years ago
- Beacon Object Files (not Buffer Overflows)☆58Mar 6, 2023Updated 3 years ago
- Reverse TCP Powershell has never been this paranoid. (basically an Opsec-safe reverse powershell)☆30Feb 4, 2022Updated 4 years ago
- ☆121Dec 23, 2022Updated 3 years ago
- Implementation of ITaskHandler in C++☆14Feb 11, 2023Updated 3 years ago
- Your NTDLL vaccine from modern direct syscall methods.☆36Apr 5, 2022Updated 3 years ago
- A small PoC using DInvoke, dynamically mapping a DLL and executing Win32 APIs for process injection.☆10Dec 16, 2021Updated 4 years ago
- An attempt to make a LoadLibrary designed for offensive operations, in C# obviously.☆55Mar 3, 2022Updated 4 years ago
- Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level☆234Oct 18, 2022Updated 3 years ago
- Overwrite a process's recovery callback and execute with WER☆101Apr 17, 2022Updated 3 years ago
- A PoC project for embedding shellcode to Hint/Name Table☆114May 16, 2022Updated 3 years ago
- C# Based Universal API Unhooker☆409Feb 18, 2022Updated 4 years ago
- Bypass UAC elevation on Windows 8 (build 9600) & above.☆58Feb 2, 2026Updated last month
- UUID based Shellcode loader for your favorite C2☆86Dec 8, 2021Updated 4 years ago
- Running .NET from VBA☆148Feb 11, 2023Updated 3 years ago
- BOF combination of KillDefender and Backstab☆167Mar 23, 2023Updated 3 years ago
- ☆57Apr 19, 2023Updated 2 years ago
- Cobalt Strike (CS) Beacon Object File (BOF) foundation for kernel exploitation using CVE-2021-21551.☆85May 7, 2023Updated 2 years ago
- SyscallLoader☆11Sep 13, 2021Updated 4 years ago
- C# implementation of the token privilege removal flaw discovered by @GabrielLandau/Elastic☆144Feb 23, 2022Updated 4 years ago
- Implant drop-in for EDR testing☆147Nov 15, 2023Updated 2 years ago
- Beacon Object File implementation of Event Viewer deserialization UAC bypass☆133May 6, 2022Updated 3 years ago
- Hide memory artifacts using ROP and hardware breakpoints.☆145Oct 20, 2023Updated 2 years ago
- ☆153Jan 6, 2023Updated 3 years ago
- ☆50May 12, 2021Updated 4 years ago
- ☆14Mar 30, 2022Updated 3 years ago
- ☆17Aug 25, 2022Updated 3 years ago
- ☆15Mar 17, 2025Updated last year
- Use TpAllocWork, TpPostWork and TpReleaseWork to execute machine code☆24Mar 13, 2023Updated 3 years ago
- Uses WMI Event Win32_ModuleLoadTrace to monitor module loading. Provides filters, and detailed data. Has an option to monitor for CLR Inj…☆42May 9, 2019Updated 6 years ago
- Porting of NPPSPY by Grzegorz Tworek to 'man in the middle' the user logon process, and store the user's name and password in an unassumi…☆19Apr 24, 2023Updated 2 years ago
- Show the time in Roman Numerals☆11Jan 23, 2020Updated 6 years ago
- Windows x64 Process Injection via Ghostwriting with Dynamic Configuration☆29Oct 29, 2021Updated 4 years ago
- Bypass Userland EDR hooks by Loading Reflective Ntdll in memory from a remote server based on Windows ReleaseID to avoid opening a handle…☆16Jan 7, 2023Updated 3 years ago