ProcessusT / UnhookingDLL
This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hollowing
☆67Updated last year
Alternatives and similar repositories for UnhookingDLL:
Users that are interested in UnhookingDLL are comparing it to the libraries listed below
- Code snippets to add on top of cobalt strike sleep mask to achieve patchless hook on AMSI and ETW☆82Updated last year
- Patch AMSI and ETW in remote process via direct syscall☆81Updated 2 years ago
- Basic implementation of Cobalt Strikes - User Defined Reflective Loader feature☆101Updated 2 years ago
- DLL Exports Extraction BOF with optional NTFS transactions.☆81Updated 3 years ago
- I have documented all of the AMSI patches that I learned till now☆74Updated last year
- SharpElevator is a C# implementation of Elevator for UAC bypass. This UAC bypass was originally discovered by James Forshaw and publishe…☆51Updated 2 years ago
- abusing Process Hacker driver to terminate other processes (BYOVD)☆81Updated last year
- ☆36Updated 2 years ago
- A small Aggressor script to help Red Teams identify foreign processes on a host machine☆84Updated 2 years ago
- RDLL for Cobalt Strike beacon to silence sysmon process☆87Updated 2 years ago
- Red Team Operation's Defense Evasion Technique.☆52Updated 9 months ago
- ☆78Updated last year
- ☆47Updated 2 years ago
- Sleep Obfuscation☆43Updated 2 years ago
- A collection of (even more) alternative shellcode callback methods in CSharp☆69Updated 4 months ago
- Various methods of executing shellcode☆68Updated last year
- NativePayload_PE1/PE2 , Injecting Meterpreter Payload bytes into local Process via Delegation Technique + in-memory with delay Changing R…☆58Updated last year
- Do some DLL SideLoading magic☆79Updated last year
- Classic Process Injection with Memory Evasion Techniques implemantation☆68Updated last year
- ☆127Updated last year
- This program is used to perform reflective DLL Injection to a remote process specified by the user.☆65Updated last year
- API Hammering with C++20☆45Updated 2 years ago
- Encode shellcode into dictionary words for evasion and entropy reduction☆23Updated 4 months ago
- A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles.☆62Updated last year
- Halos Gate-based NTAPI Unhooker☆50Updated 2 years ago
- Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.☆42Updated last year
- lsassdump via RtlCreateProcessReflection and NanoDump☆80Updated 4 months ago
- Beacon Object File allowing creation of Beacons in different sessions.☆78Updated 2 years ago
- Artemis - C++ Hell's Gate Syscall Implementation☆32Updated last year
- ☆115Updated last year