Alternatives and similar repositories for NtUnhook

Users that are interested in NtUnhook are comparing it to the libraries listed below

• wsummerhill / DictionShellcode
  Encode shellcode into dictionary words for evasion and entropy reduction
  ☆40Updated last month
• EvilBytecode / Shellcode-Loader
  This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.
  ☆91Updated 9 months ago
• S12cybersecurity / NinjaInjector
  Classic Process Injection with Memory Evasion Techniques implemantation
  ☆72Updated 2 years ago
• almounah / go-buena-clr
  Good CLR Host with Native patchless AMSI Bypass
  ☆102Updated 9 months ago
• racoten / BetterNetLoader
  A version of NetLoader, Execute Assemblies and Bypass ETW and AMSI using Hardware Breakpoints
  ☆121Updated 7 months ago
• vulnableone / BypassX
  The Swiss army knife of evasion tool that bypasses AMSI, Applocker, and CLM mode simultaneously.
  ☆27Updated last year
• 0xNinjaCyclone / AsmLdr
  Dynamic shellcode loader with sophisticated evasion capabilities
  ☆282Updated 4 months ago
• RayRRT / ESC1-unPAC
  A Beacon Object File (BOF) that performs the complete ESC1 attack chain in a single execution: certificate request with arbitrary SAN (+S…
  ☆113Updated last month
• Maldev-Academy / AlphabeticalPolyShellGen
  Generate an Alphabetical Polymorphic Shellcode
  ☆135Updated 5 months ago
• vvswift / Bypass-Protection0x00
  EDR & AV Bypass Arsenal— a comprehensive collection of tools, patches, and techniques for evading modern EDR and antivirus defenses.
  ☆50Updated 2 months ago
• brosck / L1LKiller
  「⚠️」Performing a BYOVD on the truesight.sys driver
  ☆44Updated last year
• ricardojoserf / SharpNado
  Repository to gather the .NET malware I will be developing
  ☆18Updated 10 months ago
• Retr0-code / hash-dumper
  Windows NTLM hash dump utility written in C language, that supports Windows and Linux. Hashes can be dumped in realtime or from already s…
  ☆66Updated 2 years ago
• jakobfriedl / BenevolentLoader
  Shellcode loader using direct syscalls via Hell's Gate and payload encryption.
  ☆101Updated last year
• Sh3lldon / HellsVectoredGate
  ☆54Updated 3 months ago
• MzHmO / DebugAmsi
  DebugAmsi is another way to bypass AMSI through the Windows process debugger mechanism.
  ☆102Updated 2 years ago
• Faran-17 / Hellshazzard
  Indirect Syscall implementation to bypass userland NTAPIs hooking.
  ☆84Updated last year
• ShigShag / AMSI-Bypass-via-Page-Guard-Exceptions
  Shellcode and In-PowerShell solution for patching AMSI via Page Guard Exceptions
  ☆63Updated 2 months ago
• casp3r0x0 / CortexRansomBypass
  Cortex EDR Ransomware protection Bypass
  ☆25Updated last year
• gerbsec / SmokeyObfuscator
  Rewrite to fit my needs
  ☆32Updated last year
• S12cybersecurity / GhostlyHollowingCrypter
  Advanced in-memory process injection using transient SEC_IMAGE sections, custom crypter, and ADS payload delivery no disk traces, maximum…
  ☆17Updated 7 months ago
• paranoidninja / BRC4-BOF-Artillery
  ☆145Updated 3 months ago
• KingOfTheNOPs / Get-NetNTLM
  Internal Monologue BOF
  ☆79Updated last year
• CodeXTF2 / CustomC2ChannelTemplate
  template for developing custom C2 channels for Cobalt Strike using IAT hooks applied by a reflective loader.
  ☆101Updated last month
• p4p1 / havoc-privkit
  a port of privkit bof for havoc
  ☆23Updated 2 years ago
• patrickt2017 / VEHNetLoader
  Another version of .NET loader provides capabilities of bypassing ETW and AMSI, utilizing VEH for syscalls and loading .NET assemblies
  ☆49Updated 7 months ago
• dmcxblue / PyObscura
  A python script that automates a C2 Profile build
  ☆48Updated last month
• sexyiam / UAC-Bypass
  UAC Bypass via CMUACUtil & PEB Enumeration, Undetected for now.
  ☆52Updated last year
• fanbyprinciple / bin2shellcode
  .bin file to shellcode convertor
  ☆39Updated last year
• mwnickerson / COMHijackBOF
  ☆37Updated 2 months ago