DynamicSyscalls is a library written in .net resolves the syscalls dynamically (Has nothing to do with hooking/unhooking)
☆66Nov 13, 2022Updated 3 years ago
Alternatives and similar repositories for DynamicSyscalls
Users that are interested in DynamicSyscalls are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Hookers are cooler than patches.☆171Jan 21, 2022Updated 4 years ago
- This POC provides the possibilty to execute x86 shellcode in form of a .bin file based on x86 inline assembly☆20Apr 17, 2023Updated 3 years ago
- ☆121Dec 23, 2022Updated 3 years ago
- Cobalt Strike BOF that identifies Attack Surface Reduction (ASR) rules, actions, and exclusion locations☆167Mar 1, 2024Updated 2 years ago
- Simple BOF to read the protection level of a process☆123May 10, 2023Updated 3 years ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- Infect Shared Files In Memory for Lateral Movement☆192Dec 14, 2022Updated 3 years ago
- Use GZip to compress your .NET assemblies for loading with AssemblyResolve.☆20Apr 11, 2014Updated 12 years ago
- ☆157Oct 2, 2023Updated 2 years ago
- A .NET implementation to dump SAM, SYSTEM, SECURITY registry hives from a remote host☆41Dec 8, 2023Updated 2 years ago
- A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.ht…☆673Dec 23, 2022Updated 3 years ago
- Script to use SysWhispers2 direct system calls from Cobalt Strike BOFs☆125May 24, 2022Updated 4 years ago
- Tooling related to the WAM Bam - Recovering Web Tokens From Office blog post☆133Jan 14, 2023Updated 3 years ago
- The code is a pingback to the Dark Vortex blog:☆190Jan 26, 2023Updated 3 years ago
- A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process.☆305Oct 26, 2022Updated 3 years ago
- End-to-end encrypted email - Proton Mail • AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- Swift code to run a dylib on disk☆16May 9, 2022Updated 4 years ago
- Creation and removal of Defender path exclusions and exceptions in C#.☆32Nov 1, 2023Updated 2 years ago
- CobaltWhispers is an aggressor script that utilizes a collection of Beacon Object Files (BOF) for Cobalt Strike to perform process inject…☆241Jan 4, 2023Updated 3 years ago
- Use to copy a file from an NTFS partitioned volume by reading the raw volume and parsing the NTFS structures.☆119Apr 22, 2021Updated 5 years ago
- One gate to all syscalls!☆23Mar 12, 2022Updated 4 years ago
- Load shellcode via HELLGATE, Rewrite hellgate with .net framework for learning purpose.☆16Jan 21, 2022Updated 4 years ago
- A .NET malware loader, using API-Hashing to evade static analysis☆208May 30, 2023Updated 3 years ago
- Python module for running BOFs☆80Nov 28, 2025Updated 7 months ago
- Utilizing hardware breakpoints to evade monitoring by Endpoint Detection and Response platforms☆138Dec 20, 2022Updated 3 years ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- in-process powershell runner for BRC4☆48Oct 31, 2023Updated 2 years ago
- Playing with PE's and Building Structures by Hand☆22Apr 21, 2022Updated 4 years ago
- Get-PDInvokeImports is tool (PowerShell module) which is able to perform automatic detection of P/Invoke, Dynamic P/Invoke and D/Invoke u…☆54Apr 10, 2022Updated 4 years ago
- .NET assembly loader with patchless AMSI and ETW bypass☆386Apr 19, 2023Updated 3 years ago
- Rewrote HellsGate in C# for fun and learning☆85Feb 10, 2022Updated 4 years ago
- A C# port of the MinHook API hooking library☆55Oct 5, 2022Updated 3 years ago
- Cobalt Strike BOF to list Windows Pipes & return their Owners & DACL Permissions☆97Mar 8, 2023Updated 3 years ago
- C# Reflective loader for unmanaged binaries.☆447Jan 25, 2023Updated 3 years ago
- Deleting Shadow Copies In Pure C++☆118Oct 31, 2022Updated 3 years ago
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- Repo for The Crown: Exploratory Analysis of Nim Malware DEF CON 615 talk☆46Jan 23, 2022Updated 4 years ago
- PoC for detecting and evading ETW detection of .Net Assembly.Load☆22Aug 26, 2020Updated 5 years ago
- ☆39Sep 26, 2022Updated 3 years ago
- ☆26Mar 10, 2022Updated 4 years ago
- A C# tool to output crackable DPAPI hashes from user MasterKeys☆147Jun 12, 2026Updated 2 weeks ago
- Abusing Remote Windows SMB Shares for Fun and Pen Testing☆15May 23, 2023Updated 3 years ago
- YouTube/Livestream project for obfuscating C# source code using Roslyn☆129May 9, 2021Updated 5 years ago