Kara-4search / ProcessHollowing_CSharpLinks
ProcessHollowing via csharp
☆13Updated 3 years ago
Alternatives and similar repositories for ProcessHollowing_CSharp
Users that are interested in ProcessHollowing_CSharp are comparing it to the libraries listed below
Sorting:
- Unhook DLL via cleaning the DLL 's .text section☆9Updated 3 years ago
- MappingInjection via csharp☆39Updated 3 years ago
- Halos Gate-based NTAPI Unhooker☆52Updated 3 years ago
- Load a fresh new copy of ntdll.dll via file mapping to bypass API inline hook.☆62Updated 3 years ago
- Inject shellcode into process via "EarlyBird"☆26Updated 3 years ago
- Unhooks Bit Defender from NTDLL and KERNELBASE using a classic technique.☆55Updated 2 years ago
- Get your data from the resource section manually, with no need for windows apis☆64Updated 9 months ago
- HookDetection☆45Updated 3 years ago
- Exploring in-memory execution of .NET☆139Updated 3 years ago
- Bypassing ETW with Csharp☆27Updated 3 years ago
- Process inject technique "Thread hijacking" via csharp☆15Updated 3 years ago
- SharpElevator is a C# implementation of Elevator for UAC bypass. This UAC bypass was originally discovered by James Forshaw and publishe…☆58Updated 2 years ago
- Bypass AMSI☆14Updated 4 years ago
- LOCAL AND REMOTE HOOK msv1_0!SpAcceptCredentials from LSASS.exe and DUMP DOMAIN/LOGIN/PASSWORD IN CLEARTEXT to text file.☆119Updated 5 years ago
- My implementation of Halo's Gate technique in C#☆54Updated 3 years ago
- Load shellcode via HELLGATE, Rewrite hellgate with .net framework for learning purpose.☆16Updated 3 years ago
- Section Mapping Process Injection (secinject): Cobalt Strike BOF☆97Updated 3 years ago
- Small POC written in C# that performs shellcode injection on x64 processes using direct syscalls as a way to bypass user-land EDR hooks.☆84Updated 5 years ago
- It stinks☆102Updated 3 years ago
- Beacon Object File allowing creation of Beacons in different sessions.☆81Updated 3 years ago
- Load PE via XML Attribute☆31Updated 5 years ago
- POC of PPID spoofing using NtCreateUserProcess with syscalls to create a suspended process and performing process injection by overwritti…☆41Updated 3 years ago
- ☆39Updated 4 years ago
- Cobalt Strike BOF that uses a custom ASM HalosGate & HellsGate syscaller to return a list of processes☆108Updated 2 years ago
- ☆38Updated 4 years ago
- C++ WinRM API via Reflective DLL☆146Updated 3 years ago
- Overwrite a process's recovery callback and execute with WER☆103Updated 3 years ago
- Extracting Syscall Stub, Modernized☆65Updated 3 years ago
- SharpASM is a C# project that aims to automate ASM (i.e. shellcode) execution in .NET programs by exploiting code caves in RWX sections a…☆57Updated 3 years ago
- Proof of concept Beacon Object File (BOF) that attempts to detect userland hooks in place by AV/EDR☆159Updated 4 years ago