PoC for detecting and evading ETW detection of .Net Assembly.Load
☆21 · Aug 26, 2020 · Updated 5 years ago
Alternatives and similar repositories for HidingFromETW
Users that are interested in HidingFromETW are comparing it to the libraries listed below.
- Use GZip to compress your .NET assemblies for loading with AssemblyResolve. ☆20 · Apr 11, 2014 · Updated 11 years ago
- Playing with PE's and Building Structures by Hand ☆22 · Apr 21, 2022 · Updated 3 years ago
- C code to enable ETW tracing for Dotnet Assemblies ☆32 · Aug 12, 2022 · Updated 3 years ago
- It's what all the kids are talking about ☆12 · Apr 25, 2023 · Updated 2 years ago
- ☆12 · Apr 7, 2022 · Updated 3 years ago
- A port of classic netcat to C# ☆34 · Jan 21, 2023 · Updated 3 years ago
- ☆14 · Sep 22, 2019 · Updated 6 years ago
- various methods of making API calls ☆19 · Feb 1, 2025 · Updated last year
- string encryption in Nim ☆19 · Jun 15, 2024 · Updated last year
- AppXSVC Service race condition - privilege escalation ☆30 · Jul 30, 2019 · Updated 6 years ago
- Simple and sane compression wrapper library. ☆19 · Oct 28, 2022 · Updated 3 years ago
- PoC: process watcher patterns to make killing a process hard. ☆11 · Aug 1, 2018 · Updated 7 years ago
- Injection of MSIL using Cecil ☆12 · Jul 28, 2015 · Updated 10 years ago
- Unchain AMSI by patching the provider’s unmonitored memory space ☆91 · Nov 24, 2022 · Updated 3 years ago
- Infect Shared Files In Memory for Lateral Movement ☆192 · Dec 14, 2022 · Updated 3 years ago
- Proof of Concept code and samples presenting emerging threat of MSI installer files. ☆90 · Dec 15, 2022 · Updated 3 years ago
- Execute embedded Mimikatz ☆13 · Nov 24, 2021 · Updated 4 years ago
- Remote code execution in Power Platform connectors via JSON deserialization ☆23 · Mar 30, 2023 · Updated 2 years ago
- Some stuff for PHD2021 ☆14 · May 21, 2025 · Updated 10 months ago
- Read Memory without ReadProcessMemory for Current Process ☆92 · Feb 13, 2022 · Updated 4 years ago
- A PoC weaponising CustomXMLPart for hiding malware code inside of Office document structures. ☆39 · Aug 8, 2022 · Updated 3 years ago
- Utilizing hardware breakpoints to evade monitoring by Endpoint Detection and Response platforms ☆136 · Dec 20, 2022 · Updated 3 years ago
- This POC provides the possibility to execute x86 shellcode in form of a .bin file based on x86 inline assembly ☆20 · Apr 17, 2023 · Updated 2 years ago
- ☆53 · Oct 20, 2020 · Updated 5 years ago
- A collection of useful aggressor scripts. All credits due to its authors. ☆12 · Jul 5, 2019 · Updated 6 years ago
- About C# loader that copies a chunk at a time of the shellcode in memory in a suspended process, rather than all at once ☆13 · Jul 14, 2022 · Updated 3 years ago
- A simple rpc2socks alternative in pure Go. ☆31 · Jul 8, 2024 · Updated last year
- A small PoC using DInvoke, dynamically mapping a DLL and executing Win32 APIs for process injection. ☆10 · Dec 16, 2021 · Updated 4 years ago
- ☆78 · Oct 18, 2022 · Updated 3 years ago
- A generator for malicious DLL files for DLL Hijacking attacks ☆33 · Dec 6, 2019 · Updated 6 years ago
- C# POC code for the SessionEnv dll hijack by utilizing called functions of TSMSISrv.dll ☆62 · Apr 18, 2019 · Updated 6 years ago
- List/Read contents of Zip files (in memory and without extraction) using CobaltStrike's Execute-Assembly ☆61 · May 24, 2022 · Updated 3 years ago
- DynamicSyscalls is a library written in .NET that resolves the syscalls dynamically (Has nothing to do with hooking/unhooking) ☆66 · Nov 13, 2022 · Updated 3 years ago
- OSINT Resources for Politics ☆14 · Aug 13, 2018 · Updated 7 years ago
- DoppelGate relies on reading ntdll on disk to grab syscall stubs, and patches these syscall stubs into desired functions to bypass Userla… ☆123 · Mar 25, 2022 · Updated 4 years ago
- A Python script to extract the list of users of a GiTea instance, unauthenticated or authenticated. ☆15 · Feb 11, 2025 · Updated last year
- A basic emulation of an "RPC Backdoor" ☆242 · Aug 25, 2022 · Updated 3 years ago
- Remotely dump NT hashes through Windows Crash dumps ☆33 · Oct 29, 2024 · Updated last year
- A command-line tool for reconnaissance and targeted write operations on Confluence and Jira instances. ☆14 · Jan 15, 2025 · Updated last year