Extracting Syscall Stub, Modernized
☆65Apr 2, 2022Updated 3 years ago
Alternatives and similar repositories for TripleS
Users that are interested in TripleS are comparing it to the libraries listed below
Sorting:
- My implementation of Halo's Gate technique in C#☆54Apr 20, 2022Updated 3 years ago
- One gate to all syscalls!☆23Mar 12, 2022Updated 3 years ago
- C# Based Universal API Unhooker☆411Feb 18, 2022Updated 4 years ago
- Halos Gate-based NTAPI Unhooker☆52Apr 21, 2022Updated 3 years ago
- Upsilon execute shellcode with syscalls - no API like NtProtectVirtualMemory is used☆92Aug 26, 2021Updated 4 years ago
- JALSI - Just Another Lame Shellcode Injector☆30Aug 1, 2021Updated 4 years ago
- SLib is a sandbox evasion library that implements some of the checks from https://evasions.checkpoint.com in C#☆66Aug 29, 2023Updated 2 years ago
- ☆31Aug 23, 2020Updated 5 years ago
- An attempt to make a LoadLibrary designed for offensive operations, in C# obviously.☆55Mar 3, 2022Updated 4 years ago
- Two C# RunPE's capable of x86 and x64 injections☆11Dec 2, 2018Updated 7 years ago
- Your NTDLL vaccine from modern direct syscall methods.☆36Apr 5, 2022Updated 3 years ago
- ☆185Jan 5, 2021Updated 5 years ago
- C# Reflective loader for unmanaged binaries.☆446Jan 25, 2023Updated 3 years ago
- Find kernel32 base and API addresses. Simple C++ implementation☆23Apr 7, 2022Updated 3 years ago
- A repository filled with ideas to break/detect direct syscall techniques☆26Apr 21, 2022Updated 3 years ago
- Obfuscate ECMA CIL (.NET IL) assemblies to evade Windows Defender AMSI☆240Jun 9, 2023Updated 2 years ago
- PoC: Exploit 32-bit Thread Snapshot of WOW64 to Take Over $RIP & Inject & Bypass Antivirus HIPS (HITB 2021)☆167May 27, 2021Updated 4 years ago
- Process Ghosting in C#☆220Jan 24, 2022Updated 4 years ago
- Hardened Proof of Concept of D/Invoke Process Injection malware☆42Jul 23, 2020Updated 5 years ago
- ☆125Jun 28, 2023Updated 2 years ago
- Python3 tool to perform password spraying using RDP☆16Aug 14, 2023Updated 2 years ago
- Load a fresh new copy of ntdll.dll via file mapping to bypass API inline hook.☆62Sep 6, 2021Updated 4 years ago
- Cobalt Strike BOF that uses a custom ASM HalosGate & HellsGate syscaller to return a list of processes☆107Mar 8, 2023Updated 2 years ago
- Shellcode capable of bypassing EAF / IAF mitigations☆28Apr 11, 2023Updated 2 years ago
- ShellCodeLoader via DInvoke☆60Jul 5, 2021Updated 4 years ago
- ☆39Oct 12, 2022Updated 3 years ago
- Dynamically invoke arbitrary unmanaged code from managed code without PInvoke.☆772Dec 21, 2022Updated 3 years ago
- Remote Administration Tool, Server Written in C# and Client Written in C++☆15Dec 8, 2022Updated 3 years ago
- This POC provides the possibilty to execute x86 shellcode in form of a .bin file based on x86 inline assembly☆20Apr 17, 2023Updated 2 years ago
- Pass the Hash to a named pipe for token Impersonation☆311Nov 29, 2023Updated 2 years ago
- ☆99Sep 20, 2021Updated 4 years ago
- I used this to see if an EDR is running in Safe Mode☆36Feb 13, 2021Updated 5 years ago
- ☆153Jan 6, 2023Updated 3 years ago
- YouTube/Livestream project for obfuscating C# source code using Roslyn☆129May 9, 2021Updated 4 years ago
- ☆16Sep 23, 2021Updated 4 years ago
- A collection of my presentation materials.☆17Apr 29, 2024Updated last year
- Managed code hooking template.☆134Nov 19, 2021Updated 4 years ago
- MappingInjection via csharp☆40Nov 19, 2021Updated 4 years ago
- OffensivePH - use old Process Hacker driver to bypass several user-mode access controls☆334Oct 9, 2021Updated 4 years ago