Kara-4search / ProcessHollowing_CSharpLinks
ProcessHollowing via csharp
☆13Updated 3 years ago
Alternatives and similar repositories for ProcessHollowing_CSharp
Users that are interested in ProcessHollowing_CSharp are comparing it to the libraries listed below
Sorting:
- Unhooks Bit Defender from NTDLL and KERNELBASE using a classic technique.☆57Updated 2 years ago
- MappingInjection via csharp☆40Updated 4 years ago
- Load a fresh new copy of ntdll.dll via file mapping to bypass API inline hook.☆62Updated 4 years ago
- Halos Gate-based NTAPI Unhooker☆52Updated 3 years ago
- HookDetection☆46Updated 4 years ago
- Bypass AMSI☆14Updated 4 years ago
- Exploring in-memory execution of .NET☆139Updated 3 years ago
- Process inject technique "Thread hijacking" via csharp☆15Updated 3 years ago
- Beacon Object File allowing creation of Beacons in different sessions.☆81Updated 3 years ago
- Small POC written in C# that performs shellcode injection on x64 processes using direct syscalls as a way to bypass user-land EDR hooks.☆84Updated 5 years ago
- Inject shellcode into process via "EarlyBird"☆26Updated 4 years ago
- My implementation of Halo's Gate technique in C#☆54Updated 3 years ago
- SharpElevator is a C# implementation of Elevator for UAC bypass. This UAC bypass was originally discovered by James Forshaw and publishe…☆60Updated 3 years ago
- Overwrite a process's recovery callback and execute with WER☆103Updated 3 years ago
- C++ WinRM API via Reflective DLL☆146Updated 4 years ago
- It stinks☆102Updated 3 years ago
- Extracting Syscall Stub, Modernized☆66Updated 3 years ago
- Get your data from the resource section manually, with no need for windows apis☆65Updated last year
- Cobalt Strike BOF that uses a custom ASM HalosGate & HellsGate syscaller to return a list of processes☆110Updated 2 years ago
- POC of PPID spoofing using NtCreateUserProcess with syscalls to create a suspended process and performing process injection by overwritti…☆40Updated 4 years ago
- Section Mapping Process Injection (secinject): Cobalt Strike BOF☆101Updated 3 years ago
- LOCAL AND REMOTE HOOK msv1_0!SpAcceptCredentials from LSASS.exe and DUMP DOMAIN/LOGIN/PASSWORD IN CLEARTEXT to text file.☆122Updated 5 years ago
- Load shellcode via HELLGATE, Rewrite hellgate with .net framework for learning purpose.☆16Updated 3 years ago
- Load PE via XML Attribute☆32Updated 5 years ago
- Patch AMSI and ETW in remote process via direct syscall☆83Updated 3 years ago
- My personal shellcode loader☆32Updated 2 years ago
- A simplified version of DotNetToJScript to create a JScript file which loads a .NET v2 assembly from memory.☆46Updated 4 years ago
- ☆38Updated 5 years ago
- ☆119Updated 2 years ago
- SharpASM is a C# project that aims to automate ASM (i.e. shellcode) execution in .NET programs by exploiting code caves in RWX sections a…☆59Updated 3 years ago