MzHmO / USB-Monitor
USB Monitor is a simple C# program that uses WMI to track information about newly connected and disconnected USB devices
☆23Updated last year
Alternatives and similar repositories for USB-Monitor:
Users that are interested in USB-Monitor are comparing it to the libraries listed below
- API Hammering with C++20☆45Updated 2 years ago
- Your NTDLL vaccine from modern direct syscall methods.☆35Updated 2 years ago
- A pure C version of SymProcAddress☆26Updated last year
- Proof of Concept example for abusing Process Hacker 2 (v2.39.124)☆21Updated 5 months ago
- Windows AppLocker Driver (appid.sys) LPE☆53Updated 8 months ago
- Bypass Userland EDR hooks by Loading Reflective Ntdll in memory from a remote server based on Windows ReleaseID to avoid opening a handle…☆15Updated 2 years ago
- Windows LPE Nday☆25Updated 11 months ago
- "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c…☆24Updated 6 months ago
- Listing UDP connections with remote address without sniffing.☆30Updated last year
- Simple PoC to locate hooked functions by EDR in ntdll.dll☆36Updated last year
- using the gpu to hide your payload☆56Updated 2 years ago
- 🗡️ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python☆44Updated last year
- An example of COM hijacking using a proxy DLL.☆28Updated 3 years ago
- PoC for the Untrusted Pointer Dereference in the appid.sys driver☆16Updated 11 months ago
- Plantronics Desktop Hub LPE☆37Updated 10 months ago
- One Click Tool to Scan All the Enabled Protection of current Windows NT Kernel☆43Updated last year
- Threadless injection via TLS callbacks☆16Updated 4 months ago
- yet another sleep encryption thing. also used the default github repo name for this one.☆70Updated last year
- Section-based payload obfuscation technique for x64☆59Updated 7 months ago
- Windows 10 DLL Injector via Driver utilizing VAD and hiding the loaded driver☆50Updated last year
- Callstack spoofing using a VEH because VEH all the things.☆19Updated 2 weeks ago
- C# API for Nidhogg rootkit☆17Updated 11 months ago
- Just another Process Injection using Process Hollowing technique.☆17Updated last year
- ☆29Updated 3 months ago
- Enumerate SSN (System Service Numbers or Syscall ID) and syscall instruction address in ntdll module by parsing the PEB of the current pr…☆20Updated last year
- A firebeam plugin that exploits the CVE-2024-26229 vulnerability to perform elevation of privilege from a unprivileged user☆39Updated 7 months ago
- A (quite) simple steganography algorithm to hide shellcodes within bitmap image.☆21Updated 10 months ago
- Reimplementation of the KExecDD DSE bypass technique.☆47Updated 6 months ago
- ☆36Updated 2 years ago
- Sample Rust Hooking Engine☆36Updated 11 months ago