A lightweight tool that injects a custom assembly proxy into a target process to silently bypass ETW scanning by redirecting ETW calls to custom proxy.
☆45Jun 1, 2025Updated 10 months ago
Alternatives and similar repositories for Ebyte-ETW-Redirector
Users that are interested in Ebyte-ETW-Redirector are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Bypasses AMSI protection through remote memory patching and parsing technique.☆54May 12, 2025Updated 10 months ago
- PhantomDelay is a precise delay function that uses the Windows high resolution performance counter to pause your program for a specified …☆19May 8, 2025Updated 11 months ago
- Pattern-based AMSI bypass that patches AMSI.dll in memory by modifying comparison values, conditional jumps, and function prologues to ne…☆28May 13, 2025Updated 10 months ago
- A lightweight tool that injects a custom assembly proxy into a target process to silently bypass AMSI scanning by redirecting AmsiScanBuf…☆64May 16, 2025Updated 10 months ago
- Stealthy x64 thread manipulation library for calling functions inside target processes without creating remote threads or installing hook…☆59Oct 10, 2025Updated 5 months ago
- DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- Troll TaskManager, and play with it .☆30Aug 3, 2025Updated 8 months ago
- Two in one, patch lifetime powershell console, no more etw and amsi!☆103Apr 27, 2025Updated 11 months ago
- ☆26Aug 11, 2025Updated 7 months ago
- (EDR) Dll Unhooking = kernel32.dll, kernelbase.dll, ntdll.dll, user32.dll, apphelp.dll, msvcrt.dll.☆51May 22, 2025Updated 10 months ago
- Shellcode Loader Implementing Indirect Dynamic Syscall , API Hashing, Fileless Shellcode retrieving using Winsock2☆13Jul 15, 2023Updated 2 years ago
- Obex – Blocking unwanted DLLs in user mode☆283Sep 18, 2025Updated 6 months ago
- A mutliple tactics to execute shellcode in go :}☆25Apr 21, 2025Updated 11 months ago
- Remote DLL Injection with Timer-based Shellcode Execution☆154Jul 18, 2025Updated 8 months ago
- demo unhooking functions in ntdll☆28Jul 15, 2025Updated 8 months ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- Windows Access token manipulation tool made in C#☆25Aug 24, 2025Updated 7 months ago
- Reflective shellcode loaderwith advanced call stack spoofing and .NET support.☆230Sep 19, 2025Updated 6 months ago
- Boilerplate to develop raw and truly Position Independent Code (PIC).☆117Jan 20, 2025Updated last year
- Obfuscate payloads using IPv4, IPv6, MAC or UUID strings☆23Feb 17, 2024Updated 2 years ago
- DLL Hijacking Detection Tool☆15Jun 21, 2025Updated 9 months ago
- custom impacket mssqlclient☆26Sep 16, 2023Updated 2 years ago
- How to bypass AMSI (Antimalware Scan Interface) in PowerShell/C++ by dynamically patching the AmsiScanBuffer function.☆27Apr 21, 2025Updated 11 months ago
- Code execution/injection technique using DLL PEB module structure manipulation☆224Jun 4, 2025Updated 10 months ago
- ☆43Feb 12, 2026Updated last month
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- Swiss Army Knife for payload encryption, obfuscation, and conversion to byte arrays – all in a single command (14 output formats supporte…☆216Mar 7, 2026Updated last month
- ☆16Jun 15, 2025Updated 9 months ago
- hack3270 is a python3 based tool to manipulate tn3270 data streams, specifically to perform application penetration testing of mainframe …☆26Feb 21, 2026Updated last month
- Advanced kernel-native security framework to disrupt and prevent DNS-based breaches including C2 channels and tunneling with zero data lo…☆32Aug 30, 2025Updated 7 months ago
- Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC.☆166Jul 30, 2025Updated 8 months ago
- load shellcode without P/D Invoke and VirtualProtect call.☆169Sep 2, 2025Updated 7 months ago
- Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader.☆284Apr 6, 2025Updated last year
- Dynamic Indirect Syscalls via JOP/ROP in Pure no_std, no_alloc, no dependency Rust☆44Aug 6, 2025Updated 8 months ago
- rust clr heap encryption (https://github.com/lap1nou/CLR_Heap_encryption), but no heap encryption.☆17Jan 6, 2024Updated 2 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
- Proof of Concept CVE-2025-21420 (Windows Disk Cleanup Tool EoP)☆56Jun 12, 2025Updated 9 months ago
- Monitors ETW for security relevant syscalls maintaining the set called by each unique process☆89May 17, 2023Updated 2 years ago
- Thats it! An Open-Source Windows UEFI Rootkit☆29Jul 19, 2025Updated 8 months ago
- Prevent in-process process termination by patching exit APIs☆65Nov 9, 2025Updated 5 months ago
- ☆38Aug 6, 2025Updated 8 months ago
- Proof of Concept CVE-2025-24990 (Agere Systems's driver)☆56Oct 31, 2025Updated 5 months ago
- A proof of concept AMSI & ETW bypass using trampolines for hooking and modifying execution flow☆18Jun 26, 2025Updated 9 months ago