Alternatives and similar repositories for NTProcessInjector:

Users that are interested in NTProcessInjector are comparing it to the libraries listed below

• rbmm / Hollowed-Process
  ☆26Updated 3 months ago
• a7t0fwa7 / SymProcSleuth
  A pure C version of SymProcAddress
  ☆24Updated 10 months ago
• lem0nSec / Dsebler
  Reimplementation of the KExecDD DSE bypass technique.
  ☆46Updated 4 months ago
• cpu0x00 / EternelSuspention
  a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless
  ☆39Updated 6 months ago
• BlackHat-Ashura / Process_Ghosting
  Process Ghosting is a technique in which a process is created from a delete pending file. This means the created process is not backed by…
  ☆14Updated 8 months ago
• peiga / DumpThatLSASS
  Dumping LSASS by Unhooking MiniDumpWriteDump by getting a fresh DbgHelp.dll copy from the disk , plus functions and strings obfuscation
  ☆30Updated 2 years ago
• rad9800 / BloatedHammer
  API Hammering with C++20
  ☆44Updated 2 years ago
• inb1ts / birdnet-poc
  Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.
  ☆39Updated last year
• rbmm / ARL
  ☆24Updated 2 weeks ago
• ommadawn46 / HEVD-Exploit-Win10-22H2-KVAS
  HEVD Exploit: ArbitraryWrite on Windows 10 22H2 - Bypassing KVA Shadow and SMEP via PML4 Entry Manipulation
  ☆22Updated 6 months ago
• AlSch092 / HideStaticReferences
  Research into removing strings & API call references at compile-time (Anti-Analysis)
  ☆24Updated 7 months ago
• fern89 / runpe-x64
  RunPE adapted for x64 and written in C, does not use RWX
  ☆24Updated 8 months ago
• Faran-17 / Hellshazzard
  Indirect Syscall implementation to bypass userland NTAPIs hooking.
  ☆73Updated 5 months ago
• GetRektBoy724 / SyscallShuffler
  Your NTDLL vaccine from modern direct syscall methods.
  ☆35Updated 2 years ago
• MMitsuha / Tajimari
  the Open Source and Pure C++ Packer for eXecutables
  ☆18Updated last year
• CaptainNox / Hypnos
  A more reliable way of resolving syscall numbers in Windows
  ☆50Updated 11 months ago
• xalicex / Unhook-Import-Address-Table
  Piece of code to detect and remove hooks in IAT
  ☆62Updated 2 years ago
• MaorSabag / Paruns-Fart
  Just another ntdll unhooking using Parun's Fart technique
  ☆73Updated last year
• Slowerzs / CryptDecryptMemory
  ☆29Updated last month
• Bl4ckM1rror / PEAs
  ☆58Updated last year
• vatsalgupta67 / Process-Hollowing
  Red Team Operation's Defense Evasion Technique.
  ☆52Updated 7 months ago
• Crowdfense / CVE-2024-21338
  Windows AppLocker Driver (appid.sys) LPE
  ☆47Updated 5 months ago
• Helixo32 / DetectHooks
  Detect userland hooks placed by AV/EDR
  ☆27Updated last year
• Idov31 / NidhoggScript
  NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg
  ☆46Updated 10 months ago
• pygrum / gimmick
  Section-based payload obfuscation technique for x64
  ☆59Updated 5 months ago
• rbmm / SDD
  Self Delete DLL
  ☆23Updated 11 months ago
• joe-desimone / rep-research
  ☆68Updated 5 months ago
• SolomonSklash / COM-Hijacking
  An example of COM hijacking using a proxy DLL.
  ☆25Updated 3 years ago
• ScriptIdiot / SysmonQuiet
  RDLL for Cobalt Strike beacon to silence sysmon process
  ☆87Updated 2 years ago