Unprotect-Project / FuncInEvasionTechniqueDemo
☆31Updated 11 months ago
Related projects ⓘ
Alternatives and complementary repositories for FuncInEvasionTechniqueDemo
- ☆27Updated last year
- Windows AppLocker Driver (appid.sys) LPE☆36Updated 3 months ago
- Giga-byte Control Center (GCC) is a software package designed for improved user experience of Gigabyte hardware, often found in gaming an…☆30Updated last year
- Persistence via Shell Extensions☆63Updated last year
- API Hammering with C++20☆34Updated 2 years ago
- ☆21Updated 6 months ago
- ☆34Updated last year
- Early cascade injection PoC based on Outflanks blog post written in Rust☆19Updated last week
- Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.☆38Updated 11 months ago
- ☆27Updated 4 months ago
- yet another sleep encryption thing. also used the default github repo name for this one.☆69Updated last year
- Simple PoC to locate hooked functions by EDR in ntdll.dll☆32Updated last year
- stack spoofing☆53Updated this week
- Hooked create process injection for meterpreter☆23Updated 3 years ago
- Self delete DLL (2)☆14Updated 9 months ago
- Demonstration of Early Bird APC Injection - MITRE ID T1055.004☆30Updated last year
- A method to execute shellcode using RegisterWaitForInputIdle API.☆51Updated last year
- Threadless injection via TLS callbacks☆15Updated this week
- ☆37Updated 3 weeks ago
- A simple rpc2socks alternative in pure Go.☆24Updated 4 months ago
- "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c…☆22Updated 2 months ago
- BYOVD collection☆20Updated 8 months ago
- Bypass Userland EDR hooks by Loading Reflective Ntdll in memory from a remote server based on Windows ReleaseID to avoid opening a handle…☆15Updated last year
- EvtPsst☆54Updated last year
- A proof-of-concept created for academic/learning purposes, demonstrating both local and remote use of VSTO "Add-In's" maliciously☆28Updated last year
- A reimplementation of Cobalt Strike's Beacon Object File (BOF) Loader☆39Updated 11 months ago
- Small tool to play with IOCs caused by Imageload events☆37Updated last year
- Simple ETW unhook PoC. Overwrites NtTraceEvent opcode to disable ETW at Nt-function level.☆42Updated 8 months ago