PorLaCola25 / NtCreateUserProcess
☆12Updated 4 years ago
Related projects ⓘ
Alternatives and complementary repositories for NtCreateUserProcess
- A more advanced free and open .NET obfuscator using dnlib.☆10Updated 2 years ago
- ☆20Updated 3 years ago
- My experience using Windows API for offensive purposes��☆17Updated 3 years ago
- ☆26Updated 2 years ago
- A repository filled with ideas to break/detect direct syscall techniques☆26Updated 2 years ago
- Create a C++ PE which loads an XTEA-crypted .NET PE shellcode in memory.☆15Updated 6 years ago
- Bypass UAC by abusing the Windows Defender Firewall Control Panel, environment variables, and shell protocol handlers☆16Updated 3 years ago
- C code to enable ETW tracing for Dotnet Assemblies☆28Updated 2 years ago
- Execute shellcode with ZwCreateSection, ZwMapViewOfSection, ZwOpenProcess, ZwMapViewOfSection and ZwCreateThreadEx☆14Updated 3 years ago
- ☆18Updated 3 years ago
- ☆15Updated 3 years ago
- Just another casual shellcode native loader☆24Updated 2 years ago
- Process Injection: APC Injection☆27Updated 3 years ago
- Protected Process (Light) Dump: Uses Zemana AntiMalware Engine To Open a Privileged Handle to a PP/PPL Process And Inject MiniDumpWriteDu…☆22Updated 4 years ago
- A PoC to demo modifying cmdline of the child process dynamically. It might be useful against process log tracing, AV or EDR.☆37Updated 3 years ago
- Collection of shellcode injection and execution techniques☆16Updated 3 years ago
- One gate to all syscalls!☆23Updated 2 years ago
- ☆31Updated 4 years ago
- ☆10Updated 4 years ago
- A crappy hook on SpAcceptLsaModeContext that prints incoming auth attempts. WIP☆33Updated 3 years ago
- Dangling COM Keys Finder☆14Updated 3 years ago
- Remote PE reflective injection with a simple reflective loader☆29Updated 5 years ago
- ☆15Updated 2 years ago
- Loads .NET Assembly Via CLR Loader☆14Updated 5 years ago