Alternatives and similar repositories for Hooker

Users that are interested in Hooker are comparing it to the libraries listed below

• HullaBrian / COMmander
  .NET tool used to enrich RPC telemetry
  ☆99Updated 3 months ago
• Faran-17 / Hellshazzard
  Indirect Syscall implementation to bypass userland NTAPIs hooking.
  ☆84Updated last year
• ricardojoserf / NativeTokenImpersonate
  Impersonate Tokens using only NTAPI functions
  ☆80Updated 5 months ago
• rad9800 / FileRenameJunctionsEDRDisable
  ☆157Updated 9 months ago
• klezVirus / koppeling-p
  Adaptive DLL hijacking / dynamic export forwarding - EAT preserve
  ☆78Updated last year
• Offensive-Panda / DV_NEW
  This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)
  ☆52Updated last year
• deepinstinct / ShimMe
  ☆147Updated 10 months ago
• ioncodes / SilentLoad
  "Service-less" driver loading
  ☆161Updated 9 months ago
• mez-0 / citadel
  A Payload Analysis Framework
  ☆85Updated 2 months ago
• oldboy21 / JayFinder
  Find DLLs with RWX section
  ☆81Updated 2 years ago
• MythicAgents / Hannibal
  A Mythic Agent written in PIC C.
  ☆199Updated 7 months ago
• Karkas66 / CelestialSpark
  Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders …
  ☆103Updated 5 months ago
• whokilleddb / sinister-vsix
  Blog/Journal on how to backdoor VSCode extensions
  ☆73Updated last month
• zarkones / BloodfangC2
  Modern PIC implant for Windows (64 & 32 bit)
  ☆103Updated last month
• naksyn / Embedder
  Embedder is a collection of sources in different languages to embed Python interpreter with minimal dependencies
  ☆120Updated last year
• andreisss / Remote-DLL-Injection-with-Timer-based-Shellcode-Execution
  Remote DLL Injection with Timer-based Shellcode Execution
  ☆96Updated last month
• silentwarble / PIC-Library
  A collection of position independent coding resources
  ☆93Updated this week
• pygrum / gimmick
  Section-based payload obfuscation technique for x64
  ☆64Updated last year
• xpn / CloudInject
  ☆112Updated 9 months ago
• nothingspecialforu / EvtPsst
  EvtPsst
  ☆55Updated last year
• joe-desimone / rep-research
  ☆76Updated last year
• decoder-it / ChgPass
  ☆135Updated 7 months ago
• EvilBytecode / EvilByte-Remote-AMSI-Bypass
  Bypasses AMSI protection through remote memory patching and parsing technique.
  ☆50Updated 4 months ago
• Idov31 / NidhoggScript
  NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg
  ☆47Updated last year
• MzHmO / DebugAmsi
  DebugAmsi is another way to bypass AMSI through the Windows process debugger mechanism.
  ☆98Updated last year
• Maldev-Academy / TrapFlagForSyscalling
  Bypass user-land hooks by syscall tampering via the Trap Flag
  ☆114Updated 3 weeks ago
• fin3ss3g0d / NativeThreadpool
  Work, timer, and wait callback example using solely Native Windows APIs.
  ☆89Updated last year
• dmcxblue / WSL-Payloads
  A small How-To on creating your own weaponized WSL file
  ☆115Updated last month
• cpu0x00 / EternelSuspention
  a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless
  ☆39Updated last year
• TierZeroSecurity / edr_blocker
  Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination…
  ☆140Updated last year