Bypass Windows defender syscall
☆18Jul 17, 2021Updated 4 years ago
Alternatives and similar repositories for KanonSys
Users that are interested in KanonSys are comparing it to the libraries listed below
Sorting:
- Runpe + DInvoke + Syscall☆16Jun 18, 2021Updated 4 years ago
- A small PoC using DInvoke, dynamically mapping a DLL and executing Win32 APIs for process injection.☆10Dec 16, 2021Updated 4 years ago
- Nice try reading NTDLL from disk, nerd.☆19Apr 18, 2022Updated 3 years ago
- A repository filled with ideas to break/detect direct syscall techniques☆26Apr 21, 2022Updated 3 years ago
- Get your data from the resource section manually, with no need for windows apis☆67Oct 22, 2024Updated last year
- MappingInjection via csharp☆40Nov 19, 2021Updated 4 years ago
- Fud Runpe Av Evasion / All Av Bypass☆32Feb 24, 2023Updated 3 years ago
- Bypassing kernel patch protection runtime☆22Feb 19, 2023Updated 3 years ago
- Playing with PE's and Building Structures by Hand☆22Apr 21, 2022Updated 3 years ago
- A .NET binary loader that bypasses AMSI☆45Sep 20, 2021Updated 4 years ago
- A wrapper around Windows, calls explicitly the lowest possible calls☆14Jan 19, 2023Updated 3 years ago
- Inject dll to explorer.exe and hide file from process.☆23Apr 24, 2021Updated 4 years ago
- Proofs-Of-360Security Sandbox Escape☆10Mar 18, 2022Updated 3 years ago
- C# version of MDSec's ParallelSyscalls☆141Jan 9, 2022Updated 4 years ago
- It stinks☆105Apr 22, 2022Updated 3 years ago
- Append custom data to signed pe file and DONOT DESTROY SIGNED STATUS.☆26Mar 13, 2021Updated 4 years ago
- ☆12Feb 28, 2022Updated 4 years ago
- 关闭恶意驱动的文件和注册表保护☆14Jun 28, 2022Updated 3 years ago
- CVE-2022-22978 Spring-Security bypass Demo☆16Jun 2, 2022Updated 3 years ago
- A shellcode tool to make convenient shellcode programing work flow.☆12Oct 19, 2021Updated 4 years ago
- Process injection via KernelCallbackTable☆13Jan 28, 2022Updated 4 years ago
- Malware persistence via COM DLL hijacking. C++ implementation example☆13May 2, 2022Updated 3 years ago
- ☆28Dec 2, 2021Updated 4 years ago
- Patch AMSI and ETW in remote process via direct syscall☆85Apr 28, 2022Updated 3 years ago
- A small shellcode loader library written in C#☆48Dec 21, 2021Updated 4 years ago
- JALSI - Just Another Lame Shellcode Injector☆30Aug 1, 2021Updated 4 years ago
- POC For CVE-2022-24483☆14Apr 12, 2022Updated 3 years ago
- Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods☆14Sep 30, 2022Updated 3 years ago
- Direct syscalls Injection to bypass AV/EDR☆11May 18, 2024Updated last year
- Windows NTLMSSP library☆11Oct 13, 2020Updated 5 years ago
- It's what all the kids are talking about☆12Apr 25, 2023Updated 2 years ago
- Group 4 - C# Remote Administrator Tool☆11Feb 18, 2025Updated last year
- 简单版的PE加载器☆12Aug 11, 2020Updated 5 years ago
- Hide a loaded dynamic link library from memory☆34Jun 13, 2021Updated 4 years ago
- A collection of sample code used in some experiments with Sliver C2☆16Mar 28, 2023Updated 2 years ago
- Find world writable directories that contain a .exe or .dll file☆13Aug 31, 2021Updated 4 years ago
- Mining on restricted environments made easy! Hidden GUI Ethereum miner that mines to NiceHash wallet or Normal Ethereum wallet.…☆13Oct 24, 2020Updated 5 years ago
- SharpASM is a C# project that aims to automate ASM (i.e. shellcode) execution in .NET programs by exploiting code caves in RWX sections a…☆59May 23, 2022Updated 3 years ago
- Hooking Heavens Gate in a weekend☆13Jan 1, 2022Updated 4 years ago