S12cybersecurity / FreeThreadHijackingLinks
Perform Thread Hijacking Shellcode Injection without OpenProcess and OpenThread mapping all the free handles in memory
☆14Updated last year
Alternatives and similar repositories for FreeThreadHijacking
Users that are interested in FreeThreadHijacking are comparing it to the libraries listed below
Sorting:
- Evasive shellcode loader with indirect syscalls, Thread name-calling allocation, PoolParty injection☆11Updated 7 months ago
- Evilbytecode-Gate resolves Windows System Service Numbers (SSNs) using two methods: analyzing the Guard CF Table in ntdll.dll and parsing…☆24Updated 5 months ago
- Classic Process Injection with Memory Evasion Techniques implemantation☆72Updated last year
- Loads NTDLL, parses the PE file, extracts "Zw" functions, retrieves their System Service Numbers (SSNs), and prints each function’s name,…☆12Updated 5 months ago
- BYOVD Technique Example using viragt64 driver☆54Updated last year
- Shellcode Loader Implementing Indirect Dynamic Syscall , API Hashing, Fileless Shellcode retrieving using Winsock2☆13Updated 2 years ago
- Standalone Metasploit-like XOR encoder for shellcode☆50Updated last year
- 🗡️ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python☆45Updated last year
- Shellcodev is a tool designed to help and automate the process of shellcode creation.☆111Updated last year
- Safely manage the unloading of DLLs that have been hooked into a process. Context: https://github.com/KNSoft/KNSoft.SlimDetours/discussio…☆79Updated 3 months ago
- Change hash for a signed pe☆16Updated 2 years ago
- A unique introduction to native runtime obfuscation.☆73Updated 6 months ago
- havoc kaine plugin to mitigate PAGE_GUARD protected image headers using JOP gadgets☆34Updated last year
- Callstack spoofing using a VEH because VEH all the things.☆23Updated 6 months ago
- ☆27Updated 11 months ago
- DLL Hijacking and Mock directories technique to bypass Windows UAC security feature and getting high-level privileged reverse shell. Secu…☆44Updated last year
- ☆37Updated last year
- 💻 Windows 10 Kernel-mode rootkit☆32Updated 3 years ago
- Multi-component Remote Access Trojan: C++ client (victim), C# server, and Angular frontend.☆32Updated 4 months ago
- using the gpu to hide your payload☆59Updated 3 years ago
- Toolkit of Projects to attack and evade Event Trace for Windows☆19Updated 3 weeks ago
- A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress.☆73Updated last year
- API Hammering with C++20☆49Updated 3 years ago
- Proof-of-concept kernel driver that hijacks the Windows kernel extension table mechanism to preserve process notify callbacks even when a…☆90Updated 2 months ago
- a demo module for the kaine agent to execute and inject assembly modules☆41Updated last year
- Whenever PowerShell is launched, Notepad will also open. You can customize the script for educational purposes, but I emphasize that I do…☆11Updated 5 months ago
- WinApi Patcher is a straightforward tool leveraging windows API hooking to patch and modify certain behaviors in a targeted environment.☆44Updated last year
- Signature finder (from PE-bear)☆39Updated last month
- ZwProcessHollowing is a x64 process hollowing project which uses direct systemcalls, dll unhooking and RC4 payload decryption☆89Updated 2 years ago
- Windows 10 DLL Injector via Driver utilizing VAD and hiding the loaded driver☆50Updated last year