PoC for detecting and evading ETW detection of .Net Assembly.Load
☆22 Aug 26, 2020 Updated 5 years ago
Alternatives and similar repositories for HidingFromETW
Users that are interested in HidingFromETW are comparing it to the libraries listed below.
- Use GZip to compress your .NET assemblies for loading with AssemblyResolve. ☆20 Apr 11, 2014 Updated 12 years ago
- Playing with PE's and Building Structures by Hand ☆22 Apr 21, 2022 Updated 4 years ago
- C code to enable ETW tracing for Dotnet Assemblies ☆32 Aug 12, 2022 Updated 3 years ago
- It's what all the kids are talking about ☆12 Apr 25, 2023 Updated 3 years ago
- ☆12 Apr 7, 2022 Updated 4 years ago
- A port of classic netcat to C# ☆34 Jan 21, 2023 Updated 3 years ago
- ☆14 Sep 22, 2019 Updated 6 years ago
- various methods of making API calls ☆19 Feb 1, 2025 Updated last year
- string encryption in Nim ☆19 Jun 15, 2024 Updated last year
- AppXSVC Service race condition - privilege escalation ☆30 Jul 30, 2019 Updated 6 years ago
- Simple and sane compression wrapper library. ☆19 Oct 28, 2022 Updated 3 years ago
- PoC: process watcher patterns to make killing a process hard. ☆11 Aug 1, 2018 Updated 7 years ago
- Injection of MSIL using Cecil ☆12 Jul 28, 2015 Updated 10 years ago
- Unchain AMSI by patching the provider’s unmonitored memory space ☆91 Nov 24, 2022 Updated 3 years ago
- Infect Shared Files In Memory for Lateral Movement ☆192 Dec 14, 2022 Updated 3 years ago
- Proof of Concept code and samples presenting emerging threat of MSI installer files. ☆91 Dec 15, 2022 Updated 3 years ago
- Execute embedded Mimikatz ☆13 Nov 24, 2021 Updated 4 years ago
- Remote code execution in Power Platform connectors via JSON deserialization ☆23 Mar 30, 2023 Updated 3 years ago
- Some stuff for PHD2021 ☆14 May 21, 2025 Updated 11 months ago
- Read Memory without ReadProcessMemory for Current Process ☆92 Feb 13, 2022 Updated 4 years ago
- A PoC weaponising CustomXMLPart for hiding malware code inside of Office document structures. ☆39 Aug 8, 2022 Updated 3 years ago
- This POC provides the possibility to execute x86 shellcode in form of a .bin file based on x86 inline assembly ☆20 Apr 17, 2023 Updated 3 years ago
- ☆53 Oct 20, 2020 Updated 5 years ago
- A collection of useful aggressor scripts. All credits due to its authors. ☆12 Jul 5, 2019 Updated 6 years ago
- About C# loader that copies a chunk at the time of the shellcode in memory in a suspended process, rather than all at once ☆13 Jul 14, 2022 Updated 3 years ago
- Utilizing hardware breakpoints to evade monitoring by Endpoint Detection and Response platforms ☆140 Dec 20, 2022 Updated 3 years ago
- A simple rpc2socks alternative in pure Go. ☆31 Jul 8, 2024 Updated last year
- Creating attacks paths across management and data planes ☆50 Updated this week
- A small PoC using DInvoke, dynamically mapping a DLL and executing Win32 APIs for process injection. ☆10 Dec 16, 2021 Updated 4 years ago
- ☆84 Oct 18, 2022 Updated 3 years ago
- A generator for malicious DLL files for DLL Hijacking attacks ☆33 Dec 6, 2019 Updated 6 years ago
- C# POC code for the SessionEnv dll hijack by utilizing called functions of TSMSISrv.dll ☆63 Apr 18, 2019 Updated 7 years ago
- List/Read contents of Zip files (in memory and without extraction) using CobaltStrike's Execute-Assembly ☆61 May 24, 2022 Updated 3 years ago
- DynamicSyscalls is a library written in .net that resolves the syscalls dynamically (Has nothing to do with hooking/unhooking) ☆66 Nov 13, 2022 Updated 3 years ago
- OSINT Resources for Politics ☆14 Aug 13, 2018 Updated 7 years ago
- DoppelGate relies on reading ntdll on disk to grab syscall stubs, and patches these syscall stubs into desired functions to bypass Userla… ☆125 Mar 25, 2022 Updated 4 years ago
- A Python script to extract the list of users of a GiTea instance, unauthenticated or authenticated. ☆15 Feb 11, 2025 Updated last year
- A basic emulation of an "RPC Backdoor" ☆242 Aug 25, 2022 Updated 3 years ago
- Remotely dump NT hashes through Windows Crash dumps ☆33 Apr 23, 2026 Updated 3 weeks ago