Kara-4search / NewNtdllBypassInlineHook_CSharpView external linksLinks
Load a fresh new copy of ntdll.dll via file mapping to bypass API inline hook.
☆62Sep 6, 2021Updated 4 years ago
Alternatives and similar repositories for NewNtdllBypassInlineHook_CSharp
Users that are interested in NewNtdllBypassInlineHook_CSharp are comparing it to the libraries listed below
Sorting:
- MappingInjection via csharp☆40Nov 19, 2021Updated 4 years ago
- Using fibers to execute shellcode in a local process via csharp☆28Jan 2, 2022Updated 4 years ago
- Load shellcode via HELLGATE, Rewrite hellgate with .net framework for learning purpose.☆18Jan 21, 2022Updated 4 years ago
- Inject shellcode into process via "EarlyBird"☆26Aug 30, 2021Updated 4 years ago
- ShellCodeLoader via DInvoke☆60Jul 5, 2021Updated 4 years ago
- HookDetection☆45Sep 3, 2021Updated 4 years ago
- Load shellcode via syscall☆56Jul 28, 2021Updated 4 years ago
- Command line & PPID spoofing☆29Apr 15, 2023Updated 2 years ago
- ProcessHollowing via csharp☆13Dec 21, 2021Updated 4 years ago
- Process inject technique "Thread hijacking" via csharp☆15Dec 18, 2021Updated 4 years ago
- POC of PPID spoofing using NtCreateUserProcess with syscalls to create a suspended process and performing process injection by overwritti…☆40Sep 23, 2021Updated 4 years ago
- Bypassing ETW with Csharp☆27Oct 28, 2021Updated 4 years ago
- A Simple ShellcodeLoader☆11Jun 4, 2021Updated 4 years ago
- A small PoC using DInvoke, dynamically mapping a DLL and executing Win32 APIs for process injection.☆10Dec 16, 2021Updated 4 years ago
- UUID based Shellcode loader for your favorite C2☆86Dec 8, 2021Updated 4 years ago
- Example of async client/server sockets in .NET 5☆17Jun 9, 2021Updated 4 years ago
- Bypass AMSI☆13Aug 8, 2021Updated 4 years ago
- Extracting Syscall Stub, Modernized☆66Apr 2, 2022Updated 3 years ago
- Load .net assemblies from memory while having them appear to be loaded from an on-disk location.☆173May 5, 2021Updated 4 years ago
- ☆16Sep 23, 2021Updated 4 years ago
- Halos Gate-based NTAPI Unhooker☆52Apr 21, 2022Updated 3 years ago
- Classic DLL injection. Download dll from url and inject. Simple C++ implementation☆10Apr 16, 2022Updated 3 years ago
- ☆31Aug 23, 2020Updated 5 years ago
- Various methods of executing shellcode☆74Mar 27, 2023Updated 2 years ago
- This project is created for research into antivirus evasion by unhooking.☆18Sep 2, 2021Updated 4 years ago
- LOLBINs that inject a DLL into a given process ID.☆139Nov 21, 2021Updated 4 years ago
- A simple BOF that frees UDRLs☆122May 29, 2022Updated 3 years ago
- Shellcode injection POC using syscalls.☆117Jun 5, 2020Updated 5 years ago
- ☆15Aug 17, 2023Updated 2 years ago
- A repository filled with ideas to break/detect direct syscall techniques☆27Apr 21, 2022Updated 3 years ago
- BOF combination of KillDefender and Backstab☆170Mar 23, 2023Updated 2 years ago
- Pseudorandom AES-256 encryption designed to protect shellcode and arbitrary strings. C# and C/C++ compatible.☆101Jan 7, 2022Updated 4 years ago
- cmd2shellcode☆79May 6, 2021Updated 4 years ago
- Dynamic COFF object loader☆23Jun 29, 2018Updated 7 years ago
- ☆120Dec 23, 2022Updated 3 years ago
- C# porting of SysWhispers2. It uses SharpASM to find the code caves for executing the system call stub.☆111Apr 14, 2023Updated 2 years ago
- Your NTDLL vaccine from modern direct syscall methods.☆36Apr 5, 2022Updated 3 years ago
- Small POC written in C# that performs shellcode injection on x64 processes using direct syscalls as a way to bypass user-land EDR hooks.☆84Dec 20, 2019Updated 6 years ago
- A technique of hiding malicious shellcode via Shannon encoding.☆263Oct 23, 2022Updated 3 years ago