Kara-4search/NewNtdllBypassInlineHook_CSharp external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

Kara-4search/NewNtdllBypassInlineHook_CSharp

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/Kara-4search/NewNtdllBypassInlineHook_CSharp)

Close

Kara-4search / NewNtdllBypassInlineHook_CSharpView on GitHubMore

• External links
• Readme badge

Load a fresh new copy of ntdll.dll via file mapping to bypass API inline hook.

☆62Sep 6, 2021Updated 4 years ago

Alternatives and similar repositories for NewNtdllBypassInlineHook_CSharp

Users that are interested in NewNtdllBypassInlineHook_CSharp are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• Kara-4search / MappingInjection_CSharp

  View on GitHub
  MappingInjection via csharp
  ☆40Nov 19, 2021Updated 4 years ago
• Kara-4search / Fiber_ShellcodeExecution

  View on GitHub
  Using fibers to execute shellcode in a local process via csharp
  ☆28Jan 2, 2022Updated 4 years ago
• Kara-4search / HellgateLoader_CSharp

  View on GitHub
  Load shellcode via HELLGATE, Rewrite hellgate with .net framework for learning purpose.
  ☆17Jan 21, 2022Updated 4 years ago
• Kara-4search / ProcessHollowing_CSharp

  View on GitHub
  ProcessHollowing via csharp
  ☆13Dec 21, 2021Updated 4 years ago
• Kara-4search / EarlyBirdInjection_CSharp

  View on GitHub
  Inject shellcode into process via "EarlyBird"
  ☆27Aug 30, 2021Updated 4 years ago
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• Kara-4search / HookDetection_CSharp

  View on GitHub
  HookDetection
  ☆45Sep 3, 2021Updated 4 years ago
• Kara-4search / SysCall_ShellcodeLoad_Csharp

  View on GitHub
  Load shellcode via syscall
  ☆56Jul 28, 2021Updated 4 years ago
• Kara-4search / DInvoke_shellcodeload_CSharp

  View on GitHub
  ShellCodeLoader via DInvoke
  ☆59Jul 5, 2021Updated 4 years ago
• Kara-4search / ThreadHijacking_CSharp

  View on GitHub
  Process inject technique "Thread hijacking" via csharp
  ☆15Dec 18, 2021Updated 4 years ago
• Kara-4search / PEB-PPIDspoofing_Csharp

  View on GitHub
  Command line & PPID spoofing
  ☆30Apr 15, 2023Updated 3 years ago
• Kara-4search / Simple_ShellCodeLoader_CSharp

  View on GitHub
  A Simple ShellcodeLoader
  ☆11Jun 4, 2021Updated 4 years ago
• Kara-4search / BypassETW_CSharp

  View on GitHub
  Bypassing ETW with Csharp
  ☆27Oct 28, 2021Updated 4 years ago
• Kara-4search / BypassAMSI_CSharp

  View on GitHub
  Bypass AMSI
  ☆13Aug 8, 2021Updated 4 years ago
• CryptoBreach / UnhookPoC

  View on GitHub
  A small PoC using DInvoke, dynamically mapping a DLL and executing Win32 APIs for process injection.
  ☆10Dec 16, 2021Updated 4 years ago
• Open source password manager - Proton Pass • Ad
  Securely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
• PorLaCola25 / PPID-Spoofing

  View on GitHub
  POC of PPID spoofing using NtCreateUserProcess with syscalls to create a suspended process and performing process injection by overwritti…
  ☆43Sep 23, 2021Updated 4 years ago
• Kara-4search / WindowsEventLogsBypass_Csharp

  View on GitHub
  Bypass windows eventlogs & Sysmon
  ☆20Aug 24, 2021Updated 4 years ago
• pwn1sher / uuid-loader

  View on GitHub
  UUID based Shellcode loader for your favorite C2
  ☆86Dec 8, 2021Updated 4 years ago
• GetRektBoy724 / TripleS

  View on GitHub
  Extracting Syscall Stub, Modernized
  ☆65Apr 2, 2022Updated 4 years ago
• EvaStanAccount / MalwareDev

  View on GitHub
  ☆16Sep 23, 2021Updated 4 years ago
• Kr0ff / WinMalDev

  View on GitHub
  Various methods of executing shellcode
  ☆74Mar 27, 2023Updated 3 years ago
• GetRektBoy724 / SyscallShuffler

  View on GitHub
  Your NTDLL vaccine from modern direct syscall methods.
  ☆36Apr 5, 2022Updated 4 years ago
• StudyCat404 / uuid_exec_shellcode

  View on GitHub
  uuid-shellcode-execution
  ☆13May 9, 2021Updated 5 years ago
• rasta-mouse / AsyncSockets

  View on GitHub
  Example of async client/server sockets in .NET 5
  ☆17Jun 9, 2021Updated 4 years ago
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• scareing / cmd2shellcode

  View on GitHub
  cmd2shellcode
  ☆79May 6, 2021Updated 5 years ago
• GetRektBoy724 / HalosUnhooker

  View on GitHub
  Halos Gate-based NTAPI Unhooker
  ☆52Apr 21, 2022Updated 4 years ago
• SolomonSklash / SyscallPOC

  View on GitHub
  Shellcode injection POC using syscalls.
  ☆117Jun 5, 2020Updated 5 years ago
• BinaryScary / NET-Obfuscate

  View on GitHub
  Obfuscate ECMA CIL (.NET IL) assemblies to evade Windows Defender AMSI
  ☆241Jun 9, 2023Updated 2 years ago
• SECFORCE / SharpWhispers

  View on GitHub
  C# porting of SysWhispers2. It uses SharpASM to find the code caves for executing the system call stub.
  ☆111Apr 14, 2023Updated 3 years ago
• VirtualAlllocEx / Create_Thread_Inline_Assembly_x86

  View on GitHub
  This POC provides the possibilty to execute x86 shellcode in form of a .bin file based on x86 inline assembly
  ☆20Apr 17, 2023Updated 3 years ago
• GetRektBoy724 / Breaking-Detecting-Direct-Syscall-Techniques

  View on GitHub
  A repository filled with ideas to break/detect direct syscall techniques
  ☆26Apr 21, 2022Updated 4 years ago
• mrd0x / dll_inject_vs_binaries

  View on GitHub
  LOLBINs that inject a DLL into a given process ID.
  ☆139Nov 21, 2021Updated 4 years ago
• S3cur3Th1sSh1t / LDAP-Signing-Scanner

  View on GitHub
  A little scanner to check the LDAP Signing state
  ☆46Aug 2, 2021Updated 4 years ago
• Managed Kubernetes at scale on DigitalOcean • Ad
  DigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
• cube0x0 / ParallelSyscalls

  View on GitHub
  C# version of MDSec's ParallelSyscalls
  ☆144Jan 9, 2022Updated 4 years ago
• G0ldenGunSec / SharpTransactedLoad

  View on GitHub
  Load .net assemblies from memory while having them appear to be loaded from an on-disk location.
  ☆173May 5, 2021Updated 5 years ago
• passthehashbrowns / DInvokeProcessHollowing

  View on GitHub
  ☆31Aug 23, 2020Updated 5 years ago
• ChaitanyaHaritash / NIM-Scripts

  View on GitHub
  ☆18Aug 19, 2021Updated 4 years ago
• GetRektBoy724 / SysGate

  View on GitHub
  One gate to all syscalls!
  ☆23Mar 12, 2022Updated 4 years ago
• TomOS3 / UserModeUnhooking

  View on GitHub
  This project is created for research into antivirus evasion by unhooking.
  ☆18Sep 2, 2021Updated 4 years ago
• RedTeamOperations / VEH-PoC

  View on GitHub
  ☆121Dec 23, 2022Updated 3 years ago