MappingInjection via csharp
☆40Nov 19, 2021Updated 4 years ago
Alternatives and similar repositories for MappingInjection_CSharp
Users that are interested in MappingInjection_CSharp are comparing it to the libraries listed below
Sorting:
- Load a fresh new copy of ntdll.dll via file mapping to bypass API inline hook.☆62Sep 6, 2021Updated 4 years ago
- HookDetection☆45Sep 3, 2021Updated 4 years ago
- Bypass AMSI☆13Aug 8, 2021Updated 4 years ago
- A Simple ShellcodeLoader☆11Jun 4, 2021Updated 4 years ago
- ProcessHollowing via csharp☆13Dec 21, 2021Updated 4 years ago
- Command line & PPID spoofing☆29Apr 15, 2023Updated 2 years ago
- Using fibers to execute shellcode in a local process via csharp☆28Jan 2, 2022Updated 4 years ago
- Process inject technique "Thread hijacking" via csharp☆15Dec 18, 2021Updated 4 years ago
- Bypassing ETW with Csharp☆27Oct 28, 2021Updated 4 years ago
- Load shellcode via HELLGATE, Rewrite hellgate with .net framework for learning purpose.☆18Jan 21, 2022Updated 4 years ago
- Inject shellcode into process via "EarlyBird"☆26Aug 30, 2021Updated 4 years ago
- ShellCodeLoader via DInvoke☆60Jul 5, 2021Updated 4 years ago
- Bypass windows eventlogs & Sysmon☆20Aug 24, 2021Updated 4 years ago
- ☆31Aug 23, 2020Updated 5 years ago
- This POC provides the possibilty to execute x86 shellcode in form of a .bin file based on x86 inline assembly☆20Apr 17, 2023Updated 2 years ago
- Runpe + DInvoke + Syscall☆16Jun 18, 2021Updated 4 years ago
- A small PoC using DInvoke, dynamically mapping a DLL and executing Win32 APIs for process injection.☆10Dec 16, 2021Updated 4 years ago
- Load shellcode via syscall☆56Jul 28, 2021Updated 4 years ago
- POC of PPID spoofing using NtCreateUserProcess with syscalls to create a suspended process and performing process injection by overwritti…☆41Sep 23, 2021Updated 4 years ago
- A Proof-of-Concept implementation for Proxy Object Obfuscation in .NET☆48Jan 8, 2023Updated 3 years ago
- Released presentations of my talks + code that used during these talks☆15Sep 5, 2024Updated last year
- An issue in AVG AVG Anti-Spyware v.7.5 allows an attacker to execute arbitrary code via a crafted script to the guard.exe component☆11Aug 5, 2023Updated 2 years ago
- Bypass Windows defender syscall☆18Jul 17, 2021Updated 4 years ago
- Upsilon execute shellcode with syscalls - no API like NtProtectVirtualMemory is used☆92Aug 26, 2021Updated 4 years ago
- This project is created for research into antivirus evasion by unhooking.☆18Sep 2, 2021Updated 4 years ago
- I used this to see if an EDR is running in Safe Mode☆36Feb 13, 2021Updated 5 years ago
- Decrypt Matrix42 Empirum /EIS Passwords☆14Mar 31, 2021Updated 4 years ago
- ☆12Oct 9, 2020Updated 5 years ago
- Obfuscate ECMA CIL (.NET IL) assemblies to evade Windows Defender AMSI☆240Jun 9, 2023Updated 2 years ago
- Extracting Syscall Stub, Modernized☆65Apr 2, 2022Updated 3 years ago
- Windows Service with the implementation of the Process hollowing technique to run shellcode☆14Jul 20, 2023Updated 2 years ago
- ☆13Oct 20, 2021Updated 4 years ago
- SharpASM is a C# project that aims to automate ASM (i.e. shellcode) execution in .NET programs by exploiting code caves in RWX sections a…☆59May 23, 2022Updated 3 years ago
- Reflective DLL Injection with obfuscated (XOR) shellcode☆73Dec 13, 2020Updated 5 years ago
- LdrLoadDll Unhooking☆135Jan 16, 2022Updated 4 years ago
- cmd2shellcode☆79May 6, 2021Updated 4 years ago
- Clone running process with ZwCreateProcess☆59Nov 8, 2020Updated 5 years ago
- Process Ghosting in C#☆219Jan 24, 2022Updated 4 years ago
- C# version of MDSec's ParallelSyscalls☆142Jan 9, 2022Updated 4 years ago