MzHmO / USB-Monitor
USB Monitor is a simple C# program that uses WMI to track information about newly connected and disconnected USB devices
☆20Updated 10 months ago
Related projects ⓘ
Alternatives and complementary repositories for USB-Monitor
- Bypass Userland EDR hooks by Loading Reflective Ntdll in memory from a remote server based on Windows ReleaseID to avoid opening a handle…☆15Updated last year
- Windows 10 DLL Injector via Driver utilizing VAD and hiding the loaded driver☆51Updated last year
- One Click Tool to Scan All the Enabled Protection of current Windows NT Kernel☆43Updated last year
- Windows AppLocker Driver (appid.sys) LPE☆35Updated 3 months ago
- lsassdump via RtlCreateProcessReflection and NanoDump☆70Updated 3 weeks ago
- ☆34Updated last year
- Simple PoC to locate hooked functions by EDR in ntdll.dll☆32Updated last year
- An initial proof of concept of a bootkit based on Cr4sh's DMABackdoorBoot☆59Updated last year
- 🗡️ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python☆40Updated 8 months ago
- Various methods of executing shellcode☆68Updated last year
- API Hammering with C++20☆34Updated 2 years ago
- Your NTDLL vaccine from modern direct syscall methods.☆35Updated 2 years ago
- ☆27Updated 11 months ago
- Sleep obfuscation☆82Updated this week
- A (quite) simple steganography algorithm to hide shellcodes within bitmap image.☆21Updated 6 months ago
- Bypass UAC elevation on Windows 8 (build 9600) & above.☆53Updated 2 years ago
- Section-based payload obfuscation technique for x64☆58Updated 3 months ago
- A launcher to load a DLL with xored cobalt strike shellcode executed in memory through process hollowing technique☆24Updated 2 years ago
- Artemis - C++ Hell's Gate Syscall Implementation☆30Updated last year
- This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol…☆67Updated 9 months ago
- Listing UDP connections with remote address without sniffing.☆30Updated last year
- "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c…☆21Updated last month
- A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress.☆69Updated 8 months ago
- In-memory hiding technique☆43Updated 5 months ago
- ☆35Updated 2 weeks ago
- the Open Source and Pure C++ Packer for eXecutables☆18Updated last year
- call gates as stable comunication channel for NT x86 and Linux x86_64☆30Updated last year
- Set the process mitigation policy for loading only Microsoft Modules , and block any userland 3rd party modules☆42Updated last year