Eset-Unload is a C++ tool that interacts with a process's loaded modules to identify and unload the ebehmoni.dll module, typically found in ESET security software. It attempts to safely unload or manually load and unload the module.
☆12Apr 21, 2025Updated 11 months ago
Alternatives and similar repositories for Eset-Unload
Users that are interested in Eset-Unload are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Loads NTDLL, parses the PE file, extracts "Zw" functions, retrieves their System Service Numbers (SSNs), and prints each function’s name,…☆15Apr 21, 2025Updated 11 months ago
- NailaoLoader: Hiding Execution Flow via Patching☆23Feb 27, 2025Updated last year
- PhantomDelay is a precise delay function that uses the Windows high resolution performance counter to pause your program for a specified …☆19May 8, 2025Updated 11 months ago
- Proxy function calls through the thread pool with ease☆31Feb 27, 2025Updated last year
- Evasion Escaper is a project aimed at evading the checks that malicious software performs to detect if it's running in a virtual environm…☆112Feb 8, 2025Updated last year
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- Adaptix C2 agent using Crystal Palace PIC linker and PICO module system☆71Mar 7, 2026Updated last month
- Dump PDB Symbols including support for Bochs Debugging Format (with wine support)☆14Aug 11, 2023Updated 2 years ago
- Whenever PowerShell is launched, Notepad will also open. You can customize the script for educational purposes, but I emphasize that I do…☆12Apr 21, 2025Updated 11 months ago
- Windows 32/64-bit Include files and Import Libraries☆16May 26, 2022Updated 3 years ago
- A mutliple tactics to execute shellcode in go :}☆25Apr 21, 2025Updated 11 months ago
- 💎 | RubyRedOps is a repository for advanced Red Team techniques and offensive malware, focused on Ruby☆11Apr 21, 2025Updated 11 months ago
- Toolkit of Projects to attack and evade Event Trace for Windows☆27Aug 28, 2025Updated 7 months ago
- A malicous Golang Package☆15Apr 21, 2025Updated 11 months ago
- Kill malawarebytes process. Can be ported to any programming language.☆12Apr 21, 2025Updated 11 months ago
- DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- Compact MBR Bootkit for Windows☆55Jan 13, 2022Updated 4 years ago
- Evilbytecode-Gate resolves Windows System Service Numbers (SSNs) using two methods: analyzing the Guard CF Table in ntdll.dll and parsing…☆26Apr 21, 2025Updated 11 months ago
- A Documentation for my module PS2BAT, it converts Powershell Scripts to Batchfile ones.☆11Apr 21, 2025Updated 11 months ago
- Enumerate Callbacks and all Object Types☆16Jan 9, 2023Updated 3 years ago
- Examples how to use a Assm (Assembly) in a go.☆24Apr 21, 2025Updated 11 months ago
- Threat Hijacking Simple Implementation☆22Feb 24, 2025Updated last year
- Parent Process ID Spoofing, coded in CGo.☆24Apr 21, 2025Updated 11 months ago
- ☆12Oct 19, 2024Updated last year
- Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object t…☆13Feb 4, 2024Updated 2 years ago
- NordVPN Special Discount Offer • AdSave on top-rated NordVPN 1 or 2-year plans with secure browsing, privacy protection, and support for for all major platforms.
- Basic experimentation with Windows drivers.☆17Mar 3, 2023Updated 3 years ago
- BOF implementation of Adopt. Spawns a process from a process. Can sometimes be used to run a session > 0 process from session 0.☆17Jul 22, 2022Updated 3 years ago
- (EDR) Dll Unhooking = kernel32.dll, kernelbase.dll, ntdll.dll, user32.dll, apphelp.dll, msvcrt.dll.☆51May 22, 2025Updated 10 months ago
- Analyzes AdminSDHolder permissions & compares with default baseline or a previous run, to detect potential backdoor/excessive persistent …☆16Apr 8, 2025Updated last year
- Bypasses AMSI protection through remote memory patching and parsing technique.☆54May 12, 2025Updated 10 months ago
- Windows driver template, using C++20 & cmake & GithubActions☆25Aug 9, 2024Updated last year
- Охотник (Hunter) is a simple Adversary Simulation tool developed for achieves stealth through API unhooking, direct and indirect syscalls…☆93Apr 23, 2025Updated 11 months ago
- **SCAM ALERT !!!!!!! ALPHABAY VE DARK WEB TURKİSH DOLANDIRICIDIR BU KONUYU AÇANLARDA KENDİLERİDİR UZAK DURUN** **BÜYÜK BİR DOLANDIRICIL…☆10Jul 14, 2023Updated 2 years ago
- WinDbg plugin to trace module transitions from a debugged driver.☆51Dec 22, 2025Updated 3 months ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- FrostLock Injection is a freeze/thaw-based code injection technique that uses Windows Job Objects to temporarily freeze (suspend) a targe…☆43Apr 6, 2025Updated last year
- How to bypass AMSI (Antimalware Scan Interface) in PowerShell/C++ by dynamically patching the AmsiScanBuffer function.☆27Apr 21, 2025Updated 11 months ago
- ☆23Oct 15, 2024Updated last year
- Shellcodev is a tool designed to help and automate the process of shellcode creation.☆114Oct 11, 2023Updated 2 years ago
- Enumerate SSN (System Service Numbers or Syscall ID) and syscall instruction address in ntdll module by parsing the PEB of the current pr…☆21Jan 28, 2024Updated 2 years ago
- Bypassing Major EDR's with staged shellcode, custom getmodulehandleW and getprocaddress, veh syscalls & more.☆30Apr 21, 2025Updated 11 months ago
- LLVM Obfuscation Pass☆24Dec 2, 2024Updated last year