Meckazin / HidingFromETWView external linksLinks
PoC for detecting and evading ETW detection of .Net Assembly.Load
☆21Aug 26, 2020Updated 5 years ago
Alternatives and similar repositories for HidingFromETW
Users that are interested in HidingFromETW are comparing it to the libraries listed below
Sorting:
- Use GZip to compress your .NET assemblies for loading with AssemblyResolve.☆20Apr 11, 2014Updated 11 years ago
- Playing with PE's and Building Structures by Hand☆22Apr 21, 2022Updated 3 years ago
- C code to enable ETW tracing for Dotnet Assemblies☆32Aug 12, 2022Updated 3 years ago
- ☆12Apr 7, 2022Updated 3 years ago
- It's what all the kids are talking about☆12Apr 25, 2023Updated 2 years ago
- ☆14Sep 22, 2019Updated 6 years ago
- various methods of making API calls☆19Feb 1, 2025Updated last year
- AppXSVC Service race condition - privilege escalation☆30Jul 30, 2019Updated 6 years ago
- Simple and sane compression wrapper library.☆19Oct 28, 2022Updated 3 years ago
- A port of classic netcat to C#☆34Jan 21, 2023Updated 3 years ago
- Remote code execution in Power Platform connectors via JSON deserialization☆23Mar 30, 2023Updated 2 years ago
- About C# loader that copies a chunk at the time of the shellcode in memory in a suspended process, rather that all at once☆13Jul 14, 2022Updated 3 years ago
- ☆16Jan 12, 2026Updated last month
- PoC: process watcher patterns to make killing a process hard.☆11Aug 1, 2018Updated 7 years ago
- Injection of MSIL using Cecil☆12Jul 28, 2015Updated 10 years ago
- A small PoC using DInvoke, dynamically mapping a DLL and executing Win32 APIs for process injection.☆10Dec 16, 2021Updated 4 years ago
- Windows Service with the implementation of the Process hollowing technique to run shellcode☆14Jul 20, 2023Updated 2 years ago
- A PoC weaponising CustomXMLPart for hiding malware code inside of Office document structures.☆40Aug 8, 2022Updated 3 years ago
- ☆78Oct 18, 2022Updated 3 years ago
- Infect Shared Files In Memory for Lateral Movement