Hides processes from the windows task manager using IAT hooking.
☆22Mar 30, 2021Updated 4 years ago
Alternatives and similar repositories for process-hiders
Users that are interested in process-hiders are comparing it to the libraries listed below
Sorting:
- inject shellcode into remote process via message hook☆15Oct 28, 2020Updated 5 years ago
- PE Injection with ring3 hook bypass☆10May 3, 2021Updated 4 years ago
- C# shellcode runner adapted to run from a csproj to be triggered by MSBuild☆27Feb 11, 2022Updated 4 years ago
- ☆74Jul 23, 2021Updated 4 years ago
- Overwrite a process's recovery callback and execute with WER☆101Apr 17, 2022Updated 3 years ago
- x64 Windows privilege elevation using anycall☆22May 28, 2021Updated 4 years ago
- Small handy tool for crafting shellcodes by hand.☆18Apr 20, 2022Updated 3 years ago
- ☆82Feb 12, 2022Updated 4 years ago
- Read Memory without ReadProcessMemory for Current Process☆92Feb 13, 2022Updated 4 years ago
- A novel technique to communicate between threads using the standard ETHREAD structure☆116Feb 27, 2021Updated 5 years ago
- Playing with PE's and Building Structures by Hand☆22Apr 21, 2022Updated 3 years ago
- BypassAV无net添加windows用户☆10Jan 7, 2021Updated 5 years ago
- A proof of concept of real custom GetProcAddress and GetModuleBaseAddress☆21Jul 9, 2022Updated 3 years ago
- Minimalist Custom .NET Core Garbage Collector☆23Jun 15, 2020Updated 5 years ago
- It stinks☆103Apr 22, 2022Updated 3 years ago
- .NET Project for performing Authenticated Remote Execution☆12Nov 22, 2023Updated 2 years ago
- Interactive program for loading AES encrypted shellcode with Dynamic Invocation, and interactive .NET assemblies in memory.☆13Mar 16, 2022Updated 4 years ago
- This project is created for research into antivirus evasion by unhooking.☆18Sep 2, 2021Updated 4 years ago
- Used to AES encrypt shellcode, can take password or use built in default should be used with Iron Injector to generate and execute shellc…☆15Mar 18, 2022Updated 4 years ago
- Pseudorandom AES-256 encryption designed to protect shellcode and arbitrary strings. C# and C/C++ compatible.☆102Jan 7, 2022Updated 4 years ago
- Constexpr hash functions for C++☆19May 29, 2020Updated 5 years ago
- C# implementation of Get-AADIntSyncCredentials from AADInternals, which extracts Azure AD Connect credentials to AD and Azure AD from AAD…☆46Jun 24, 2023Updated 2 years ago
- A compilation-time AoB pattern scanning library☆12Aug 27, 2021Updated 4 years ago
- About C# loader that copies a chunk at the time of the shellcode in memory in a suspended process, rather that all at once☆13Jul 14, 2022Updated 3 years ago
- A work in progress BOF/COFF loader in Rust☆50Mar 22, 2023Updated 3 years ago
- A collection of scripts used to support an OffSecOps pipeline.☆15Jan 31, 2021Updated 5 years ago
- bypass UAC even when configured to always notify user☆29Aug 31, 2021Updated 4 years ago
- A small PoC using DInvoke, dynamically mapping a DLL and executing Win32 APIs for process injection.☆10Dec 16, 2021Updated 4 years ago
- Disable PPL via custom driver and dump lsass☆15Mar 13, 2021Updated 5 years ago
- C++ WinRM API via Reflective DLL☆145Sep 11, 2021Updated 4 years ago
- Windows PE - TLS (Thread Local Storage) Injector in C/C++☆109Jan 3, 2021Updated 5 years ago
- A small example of loading BOFs in Python with pure reflection☆19Jan 26, 2023Updated 3 years ago
- SharpASM is a C# project that aims to automate ASM (i.e. shellcode) execution in .NET programs by exploiting code caves in RWX sections a…☆59May 23, 2022Updated 3 years ago
- LdrLoadDll Unhooking☆135Jan 16, 2022Updated 4 years ago
- An attempt to make a LoadLibrary designed for offensive operations, in C# obviously.☆55Mar 3, 2022Updated 4 years ago
- An implementation and proof-of-concept of Process Forking.☆230Nov 29, 2021Updated 4 years ago
- Proof of Concept for EFSRPC Arbitrary File Upload (CVE-2021-43893)☆64Feb 14, 2022Updated 4 years ago
- stack based arithmetic only virtual machine (VM) executes bytecode instructions to perform various basic arithmetic operations and manage…☆27Mar 19, 2025Updated last year
- A crappy hook on SpAcceptLsaModeContext that prints incoming auth attempts. WIP☆37Jul 27, 2021Updated 4 years ago