NUL0x4C / Syscallslib
a library that automates some clean syscalls to make it easier to implement
☆82Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for Syscallslib
- A PoC for adding NtContinue to CFG allowed list in order to make Ekko work in a CFG protected process☆87Updated 2 years ago
- ☆44Updated 2 years ago
- ☆106Updated last year
- Beacon Object File allowing creation of Beacons in different sessions.☆76Updated 2 years ago
- Single stub direct and indirect syscalling with runtime SSN resolving for windows.☆127Updated 2 years ago
- Writeup of Payload Techniques in C involving Mutants, Session 1 -> Session 0 migration, and Self-Deletion of payloads.☆121Updated 2 years ago
- Interceptor is a kernel driver focused on tampering with EDR/AV solutions in kernel space☆120Updated last year
- ZwProcessHollowing is a x64 process hollowing project which uses direct systemcalls, dll unhooking and RC4 payload decryption☆78Updated last year
- Exploring in-memory execution of .NET☆133Updated 2 years ago
- I have documented all of the AMSI patches that I learned till now☆68Updated last year
- Get your data from the resource section manually, with no need for windows apis☆53Updated last month
- Basic implementation of Cobalt Strikes - User Defined Reflective Loader feature☆95Updated last year
- Patch AMSI and ETW in remote process via direct syscall☆77Updated 2 years ago
- This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol…☆67Updated 9 months ago
- It stinks☆100Updated 2 years ago
- Cobalt Strike User Defined Reflective Loader (UDRL). Check branches for different functionality.☆134Updated 2 years ago
- This is my own implementation of the Perun's Fart technique by Sektor7☆66Updated 2 years ago
- abusing Process Hacker driver to terminate other processes (BYOVD)☆79Updated last year
- A reimplementation of Cobalt Strike's Beacon Object File (BOF) Loader☆39Updated 11 months ago
- Halos Gate-based NTAPI Unhooker☆49Updated 2 years ago
- Titan: A crappy Reflective Loader written in C and assembly for Cobalt Strike. Redirects DNS Beacon over DoH☆43Updated 3 years ago
- Code used in this post https://captmeelo.com/redteam/maldev/2022/04/21/kernelcallbacktable-injection.html☆99Updated 2 years ago