Unprotect-Project / FuncInEvasionTechniqueDemo
☆33Updated last year
Alternatives and similar repositories for FuncInEvasionTechniqueDemo:
Users that are interested in FuncInEvasionTechniqueDemo are comparing it to the libraries listed below
- Persistence via Shell Extensions☆64Updated last year
- ☆29Updated last year
- https://github.com/janoglezcampos/c_syscalls with the ASM rewritten by myself for Visual Studio's Compiler.☆30Updated 9 months ago
- Small tool to play with IOCs caused by Imageload events☆42Updated last year
- "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c…☆24Updated 6 months ago
- Your NTDLL vaccine from modern direct syscall methods.☆35Updated 2 years ago
- Self delete DLL (2)☆14Updated last year
- Demonstration of Early Bird APC Injection - MITRE ID T1055.004☆30Updated last year
- Simple PoC to locate hooked functions by EDR in ntdll.dll☆36Updated last year
- A simple rpc2socks alternative in pure Go.☆28Updated 8 months ago
- API Hammering with C++20☆45Updated 2 years ago
- ☆24Updated last month
- Extension functionality for the NightHawk operator client☆27Updated last year
- Windows AppLocker Driver (appid.sys) LPE☆53Updated 8 months ago
- A class to emulate the behavior of NtQuerySystemInformation when passed the SystemHypervisorDetailInformation information class☆26Updated last year
- ☆18Updated 5 months ago
- A pure C version of SymProcAddress☆26Updated last year
- ☆29Updated 3 months ago
- Threadless injection via TLS callbacks☆16Updated 4 months ago
- Adaptive DLL hijacking / dynamic export forwarding - EAT preserve☆76Updated 7 months ago
- DFSCoerce exe revisited version with custom authentication☆38Updated last year
- ☆20Updated 3 weeks ago
- ☆54Updated 5 months ago
- ☆36Updated 2 years ago
- Hooked create process injection for meterpreter☆23Updated 3 years ago
- in-process powershell runner for BRC4☆45Updated last year
- BOF for C2 framework☆40Updated 4 months ago
- Folder Or File Delete to Get System Shell on Current Session Desktop☆38Updated 2 months ago
- A reimplementation of Cobalt Strike's Beacon Object File (BOF) Loader☆44Updated last year
- Exploiting the KsecDD Windows driver through Server Silos☆50Updated 4 months ago