Kara-4search / ProcessHollowing_CSharpLinks
ProcessHollowing via csharp
☆13Updated 4 years ago
Alternatives and similar repositories for ProcessHollowing_CSharp
Users that are interested in ProcessHollowing_CSharp are comparing it to the libraries listed below
Sorting:
- Unhooks Bit Defender from NTDLL and KERNELBASE using a classic technique.☆57Updated 2 years ago
- HookDetection☆45Updated 4 years ago
- Load a fresh new copy of ntdll.dll via file mapping to bypass API inline hook.☆62Updated 4 years ago
- MappingInjection via csharp☆40Updated 4 years ago
- Bypass AMSI☆13Updated 4 years ago
- Halos Gate-based NTAPI Unhooker☆52Updated 3 years ago
- It stinks☆104Updated 3 years ago
- C++ WinRM API via Reflective DLL☆145Updated 4 years ago
- Exploring in-memory execution of .NET☆138Updated 3 years ago
- POC of PPID spoofing using NtCreateUserProcess with syscalls to create a suspended process and performing process injection by overwritti…☆40Updated 4 years ago
- Beacon Object File allowing creation of Beacons in different sessions.☆82Updated 3 years ago
- Load PE via XML Attribute☆32Updated 6 years ago
- ☆59Updated 3 years ago
- Get your data from the resource section manually, with no need for windows apis☆66Updated last year
- Overwrite a process's recovery callback and execute with WER☆103Updated 3 years ago
- SharpElevator is a C# implementation of Elevator for UAC bypass. This UAC bypass was originally discovered by James Forshaw and publishe…☆61Updated 3 years ago
- Extracting Syscall Stub, Modernized☆66Updated 3 years ago
- LOCAL AND REMOTE HOOK msv1_0!SpAcceptCredentials from LSASS.exe and DUMP DOMAIN/LOGIN/PASSWORD IN CLEARTEXT to text file.☆122Updated 6 years ago
- Process inject technique "Thread hijacking" via csharp☆15Updated 4 years ago
- Small POC written in C# that performs shellcode injection on x64 processes using direct syscalls as a way to bypass user-land EDR hooks.☆84Updated 6 years ago
- My implementation of Halo's Gate technique in C#☆54Updated 3 years ago
- Load shellcode via HELLGATE, Rewrite hellgate with .net framework for learning purpose.☆17Updated 4 years ago
- Proof of concept Beacon Object File (BOF) that attempts to detect userland hooks in place by AV/EDR☆158Updated 4 years ago
- Inject shellcode into process via "EarlyBird"☆26Updated 4 years ago
- Section Mapping Process Injection (secinject): Cobalt Strike BOF☆101Updated 4 years ago
- Bypassing ETW with Csharp☆27Updated 4 years ago
- Cobalt Strike BOF to list Windows Pipes & return their Owners & DACL Permissions☆93Updated 2 years ago
- An attempt to make a LoadLibrary designed for offensive operations, in C# obviously.☆55Updated 3 years ago
- Cobalt Strike BOF that uses a custom ASM HalosGate & HellsGate syscaller to return a list of processes☆108Updated 2 years ago
- This project is created for research into antivirus evasion by unhooking.☆18Updated 4 years ago