Alternatives and similar repositories for Hooker

Users that are interested in Hooker are comparing it to the libraries listed below

• rad9800 / FileRenameJunctionsEDRDisable
  ☆155Updated 6 months ago
• MythicAgents / Hannibal
  A Mythic Agent written in PIC C.
  ☆190Updated 4 months ago
• ioncodes / SilentLoad
  "Service-less" driver loading
  ☆155Updated 6 months ago
• NUL0x4C / FetchPayloadFromDummyFile
  Construct the payload at runtime using an array of offsets
  ☆63Updated last year
• ricardojoserf / NativeTokenImpersonate
  Impersonate Tokens using only NTAPI functions
  ☆75Updated 2 months ago
• silentwarble / PIC-Library
  A collection of position independent coding resources
  ☆79Updated 4 months ago
• Faran-17 / Hellshazzard
  Indirect Syscall implementation to bypass userland NTAPIs hooking.
  ☆73Updated 10 months ago
• 0xsch1zo / NullGate
  Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC.
  ☆110Updated last month
• xforcered / Being-A-Good-CLR-Host
  ☆110Updated 5 months ago
• oldboy21 / JayFinder
  Find DLLs with RWX section
  ☆81Updated last year
• Idov31 / NidhoggScript
  NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg
  ☆46Updated last year
• klezVirus / koppeling-p
  Adaptive DLL hijacking / dynamic export forwarding - EAT preserve
  ☆78Updated 10 months ago
• jakobfriedl / BenevolentLoader
  Shellcode loader using direct syscalls via Hell's Gate and payload encryption.
  ☆90Updated last year
• Octoberfest7 / Enumprotections_BOF
  A BOF to enumerate system process, their protection levels, and more.
  ☆116Updated 6 months ago
• EvilBytecode / EvilByte-Remote-AMSI-Bypass
  Bypasses AMSI protection through remote memory patching and parsing technique.
  ☆44Updated last month
• xpn / CloudInject
  ☆110Updated 7 months ago
• naksyn / ProcessStomping
  A variation of ProcessOverwriting to execute shellcode on an executable's section
  ☆148Updated last year
• Karkas66 / CelestialSpark
  Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders …
  ☆103Updated 2 months ago
• EvilBytecode / Lifetime-Amsi-EtwPatch
  Two in one, patch lifetime powershell console, no more etw and amsi!
  ☆92Updated last month
• rbmm / SC
  shell code example
  ☆49Updated last month
• decoder-it / ChgPass
  ☆132Updated 4 months ago
• NtDallas / Svartalfheim
  Stage 0
  ☆161Updated 6 months ago
• paranoidninja / BRC4-BOF-Artillery
  ☆108Updated 3 months ago
• MaorSabag / Paruns-Fart
  Just another ntdll unhooking using Parun's Fart technique
  ☆75Updated 2 years ago
• Octoberfest7 / enumhandles_BOF
  ☆125Updated 9 months ago
• xforcered / ForsHops
  ForsHops
  ☆139Updated 2 months ago
• akamai / Mirage
  Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.
  ☆82Updated 4 months ago
• MzHmO / DebugAmsi
  DebugAmsi is another way to bypass AMSI through the Windows process debugger mechanism.
  ☆97Updated last year
• synacktiv / DLHell
  Local & remote Windows DLL Proxying
  ☆164Updated last year
• x0reaxeax / PageSplit
  Splitting and executing shellcode across multiple pages
  ☆103Updated 2 years ago