Enumerate SSN (System Service Numbers or Syscall ID) and syscall instruction address in ntdll module by parsing the PEB of the current process
☆21Jan 28, 2024Updated 2 years ago
Alternatives and similar repositories for EnumSSN
Users that are interested in EnumSSN are comparing it to the libraries listed below
Sorting:
- Modify managed functions from unmanaged code☆53Feb 1, 2024Updated 2 years ago
- A tool to dump users's .plist on a Mac OS system and to convert them into a crackable hash☆51Oct 12, 2024Updated last year
- Identify binaries with Authenticode digital signatures signed to an internal CA/domain☆40Feb 6, 2024Updated 2 years ago
- A graphical automation to monitor if backdoors/default settings are still active on the compromised machines over time.☆45Mar 8, 2024Updated last year
- A utility that can be used to launch an executable with a DLL injected☆19Nov 20, 2023Updated 2 years ago
- CVE-2023-22527 - RCE (Remote Code Execution) Vulnerability In Confluence Data Center and Confluence Server PoC☆25Jan 23, 2024Updated 2 years ago
- Scan websites CSP policies and visualise their vunlnerabilities from a dashboard☆13Mar 11, 2025Updated 11 months ago
- Eset-Unload is a C++ tool that interacts with a process's loaded modules to identify and unload the ebehmoni.dll module, typically found …☆12Apr 21, 2025Updated 10 months ago
- Analyzes AdminSDHolder permissions & compares with default baseline or a previous run, to detect potential backdoor/excessive persistent …☆15Apr 8, 2025Updated 10 months ago
- ☆120Jan 30, 2024Updated 2 years ago
- A JXA script for enumerating running processes, printed out in a json, parent-child tree.☆14Jan 28, 2022Updated 4 years ago
- ALPChecker - a tool to detect spoofing and blinding attacks on the ALPC interaction☆13Feb 13, 2023Updated 3 years ago
- Example code samples from our ScriptBlock Smuggling Blog post☆95Jun 18, 2024Updated last year
- Dumping LSASS by Unhooking MiniDumpWriteDump by getting a fresh DbgHelp.dll copy from the disk , plus functions and strings obfuscation☆31Sep 24, 2022Updated 3 years ago
- 针对多个框架的高度自定义的内存马一键打入工具 | A highly customized memory shell one-click injection tool for multiple frameworks☆49Feb 6, 2024Updated 2 years ago
- Implementation of Indirect Syscall technique to pop a calc.exe☆113Jan 25, 2024Updated 2 years ago
- ☆124Aug 24, 2025Updated 6 months ago
- Work, timer, and wait callback example using solely Native Windows APIs.☆88Feb 11, 2024Updated 2 years ago
- A Series of Tweets☆15Jan 30, 2024Updated 2 years ago
- Linux Sleep Obfuscation☆112Jan 7, 2024Updated 2 years ago
- Just another Process Injection using Process Hollowing technique.☆18Sep 18, 2023Updated 2 years ago
- Indirect Syscall invocation via thread hijacking☆26May 5, 2023Updated 2 years ago
- javascript extension of windbg for hacker.☆18Jun 27, 2023Updated 2 years ago
- ☆35Dec 6, 2023Updated 2 years ago
- payload Execution by Fake Windows SmartScreen with requires Administrator privileges & Turn off real SmartScreen Filter☆112Jan 12, 2024Updated 2 years ago
- Execute shellcode files with rundll32☆216Jan 28, 2024Updated 2 years ago
- C# implementation of Get-AADIntSyncCredentials from AADInternals, which extracts Azure AD Connect credentials to AD and Azure AD from AAD…☆45Jun 24, 2023Updated 2 years ago
- CVE-2013-4786 Go exploitation tool☆40Nov 18, 2025Updated 3 months ago
- DFSCoerce exe revisited version with custom authentication☆42Jan 13, 2024Updated 2 years ago
- MSBuild AL bypass☆18Mar 9, 2023Updated 2 years ago
- Single file php webshell scanner to detect potentially malicious backdoor based on token and hash with web interface☆79Updated this week
- PacketSpy☆157May 31, 2024Updated last year
- PoC showcasing new DarkGate Install Script retrieval technique via DNS TXT Record☆44Dec 15, 2023Updated 2 years ago
- LSTAR - CobaltStrike Translated to EN☆22Jun 15, 2023Updated 2 years ago
- Burp extension used to snip any header from all the requests.☆23Nov 12, 2023Updated 2 years ago
- Reverse shell that can bypass windows defender detection☆170Feb 3, 2024Updated 2 years ago
- A project for fuzzing HTTP/1.1 CL.0 Request Smuggling Attack Vectors☆90Feb 3, 2024Updated 2 years ago
- Yet another C++ Cobalt Strike beacon dropper with Compile-Time API hashing and custom indirect syscalls execution☆199May 29, 2025Updated 9 months ago
- Loading and executing shellcode in C# without PInvoke.☆22Jan 10, 2022Updated 4 years ago