Helixo32 / DetectHooksLinks
Detect userland hooks placed by AV/EDR
☆28Updated 2 years ago
Alternatives and similar repositories for DetectHooks
Users that are interested in DetectHooks are comparing it to the libraries listed below
Sorting:
- ☆60Updated last year
- in-process powershell runner for BRC4☆47Updated last year
- ☆48Updated 2 years ago
- A pure C version of SymProcAddress☆30Updated last year
- SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire…☆33Updated last year
- malleable profile generator GUI for Havoc☆55Updated 2 years ago
- ☆44Updated last year
- a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless☆39Updated last year
- Parses cached certificate templates from a Windows Registry file and displays them in the same style as Certipy does☆81Updated 3 months ago
- Scripts to interact with Microsoft Graph APIs☆43Updated 11 months ago
- Sniffing files generator☆59Updated 8 months ago
- ☆47Updated 2 years ago
- Proof of Concept code and samples presenting emerging threat of MSI installer files.☆87Updated 2 years ago
- Adaptive DLL hijacking / dynamic export forwarding - EAT preserve☆78Updated last year
- This repo hosts a poc of how to execute F# code within an unmanaged process☆69Updated last year
- This workshop is designed to provide you with a solid understanding of IronPython, its integration with the .NET framework, and how it ca…☆42Updated last year
- ☆58Updated last year
- ☆65Updated last year
- .NET port of Leron Gray's azbelt tool.☆26Updated 2 years ago
- Small Python tool to do DLL Sideloading (and consequently, other DLL attacks).☆58Updated 3 years ago
- PowerShell Implementation of ADFSDump to assist with GoldenSAML☆37Updated 6 months ago
- RPC to WebClient startup☆52Updated 2 months ago
- Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level☆26Updated 3 years ago
- A Python script for creating `.lnk` (shortcut) files with embedded encoded data and packaging them into ZIP archives.☆88Updated 9 months ago
- Collection of shellcode injection techniques packed in a D/Invoke weaponized DLL☆22Updated 3 years ago
- Extract registry and NTDS secrets from local or remote disk images☆43Updated 7 months ago
- Docker container for running CobaltStrike 4.10☆37Updated last year
- A lightweight HTTP/HTTPS reverse proxy for efficient, policy-based traffic filtering and redirection.☆46Updated 2 years ago
- ☆15Updated 2 years ago
- ☆26Updated 7 months ago