A small commented POC for removing API hooks placed by AV/EDR.
☆34 · Jun 12, 2020 · Updated 5 years ago
Alternatives and similar repositories for UnhookingPOC
Users that are interested in UnhookingPOC are comparing it to the libraries listed below
- A basic meterpreter protocol stager using the libpeconv library by hasherezade for reflective loading ☆84 · Nov 21, 2022 · Updated 3 years ago
- Single stub direct and indirect syscalling with runtime SSN resolving for windows. ☆140 · Sep 12, 2022 · Updated 3 years ago
- C++ function that will automagically unhook a specified Windows API ☆62 · Oct 14, 2020 · Updated 5 years ago
- Dll injector POC for new handle stealing technique ☆21 · Oct 8, 2017 · Updated 8 years ago
- Process Hollowing for 32 bit and 64 bit ☆79 · Nov 10, 2017 · Updated 8 years ago
- Disable PPL via custom driver and dump lsass ☆15 · Mar 13, 2021 · Updated 5 years ago
- Reflective DLL that hooks the creation of the UAC prompt popped by explorer.exe for privilege escalation. ☆22 · Feb 20, 2021 · Updated 5 years ago
- ☆11 · Feb 19, 2023 · Updated 3 years ago
- A simple dumper as FreshyCalls' PoC. That's what's trendy, isn't it? ¯\_(ツ)_/¯ ☆38 · Dec 13, 2020 · Updated 5 years ago
- Python script to patch the reflective stub in a DLL ☆24 · Apr 9, 2017 · Updated 8 years ago
- This is a simple tool to remove the "Rich" header from binaries (EXE or DLL files) created by M$ development tools. ☆33 · Feb 3, 2021 · Updated 5 years ago
- No one writes dumb malware anymore. This is a repo for dumb malware. ☆10 · Apr 18, 2017 · Updated 8 years ago
- Strstr with user-supplied needle and filename as a BOF. ☆32 · Sep 27, 2021 · Updated 4 years ago
- Windows Application Loader Running *.Exe files in Memory against Scrylla ☆21 · Dec 20, 2019 · Updated 6 years ago
- A tool to create COM class/interface relationships in neo4j ☆50 · Oct 12, 2022 · Updated 3 years ago
- Minimal Intervention and Software Transformation - PoC Packer designed for AV detection bypass ☆18 · Nov 4, 2017 · Updated 8 years ago
- Universal Unhooking ☆326 · Sep 19, 2018 · Updated 7 years ago
- Tool for dictionary attack with fail2ban bypass. ☆10 · May 17, 2018 · Updated 7 years ago
- Lightweight library which allows the ability to map both native and managed assemblies into memory by either using process injection of a… ☆32 · May 1, 2020 · Updated 5 years ago
- Research project for understanding how Mimikatz works and become better at C ☆123 · Oct 22, 2021 · Updated 4 years ago
- DInvisibleRegistry ☆83 · Nov 20, 2020 · Updated 5 years ago
- Library for using direct system calls ☆35 · Jan 30, 2025 · Updated last year
- ☆41 · Jul 4, 2018 · Updated 7 years ago
- Reflective DLL Injection style process infector ☆20 · Jul 23, 2018 · Updated 7 years ago
- A simple tool for parsing elf binaries ☆10 · Aug 18, 2019 · Updated 6 years ago
- GhostLoader - AppDomainManager - Injection - Ghost in the Shell ☆53 · May 21, 2020 · Updated 5 years ago
- Etwti-UnhookPOC just for test ☆12 · Aug 23, 2022 · Updated 3 years ago
- ☆44 · Oct 16, 2023 · Updated 2 years ago
- Code Injector Using Code Caves ☆15 · Jul 12, 2015 · Updated 10 years ago
- Change up a binary's embedded resources with this little creature. ☆36 · Mar 24, 2020 · Updated 5 years ago
- C# Implementation of the Hell's Gate VX Technique ☆216 · Jun 30, 2020 · Updated 5 years ago
- A simple BOF that disables some logging with NtSetInformationProcess ☆14 · Oct 13, 2023 · Updated 2 years ago
- Dynamic native library loader for .NET ☆11 · Jan 29, 2025 · Updated last year
- Retrieves passwords saved by browsers; supports IE, Chrome and Firefox ☆12 · Oct 30, 2019 · Updated 6 years ago
- Provides the ability to patch/hook functions imported by a dll or executable ☆35 · May 31, 2010 · Updated 15 years ago
- ☆53 · Nov 11, 2021 · Updated 4 years ago
- Simple shellcode injector. ☆13 · Jan 6, 2019 · Updated 7 years ago
- Control Panel and Builder (Working) ☆10 · Apr 15, 2017 · Updated 8 years ago
- StenographyShellcodeLoader ☆43 · Sep 8, 2020 · Updated 5 years ago