Unprotect-Project / FuncInEvasionTechniqueDemo

Related projects ⓘ

Alternatives and complementary repositories for FuncInEvasionTechniqueDemo

• bluefrostsecurity / Windows-Drive-Remapping-EoP
  ☆26Updated 11 months ago
• rbmm / SDD2
  Self delete DLL (2)
  ☆14Updated 8 months ago
• Crowdfense / CVE-2024-21338
  Windows AppLocker Driver (appid.sys) LPE
  ☆35Updated 3 months ago
• rad9800 / BloatedHammer
  API Hammering with C++20
  ☆34Updated 2 years ago
• xforcered / DayBird
  Extension functionality for the NightHawk operator client
  ☆26Updated last year
• fin3ss3g0d / HookFinder
  Simple PoC to locate hooked functions by EDR in ntdll.dll
  ☆32Updated last year
• b4rth0v5k1 / EarlyBirdNTDLL
  ☆34Updated last year
• Offensive-Panda / D3MPSEC
  "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c…
  ☆21Updated last month
• hackerhouse-opensource / Gigabyte_ElevatePersist
  Giga-byte Control Center (GCC) is a software package designed for improved user experience of Gigabyte hardware, often found in gaming an…
  ☆30Updated last year
• HulkOperator / AuthStager
  ☆35Updated 2 weeks ago
• RixedLabs / IDLE-Abuse
  A method to execute shellcode using RegisterWaitForInputIdle API.
  ☆51Updated last year
• Kharos102 / ReadWriteDriverSample
  ☆21Updated 6 months ago
• attl4s / freeMetsrvLoader
  freeBokuLoader fork which targets and frees Metsrv's initial reflective DLL package
  ☆34Updated last year
• rbmm / Hollowed-Process
  ☆25Updated 3 weeks ago
• caueb / ThreadlessStompingKann
  Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.
  ☆37Updated 10 months ago
• susMdT / effective-waffle
  yet another sleep encryption thing. also used the default github repo name for this one.
  ☆69Updated last year
• Faran-17 / EarlyBird-APC-Injection
  Demonstration of Early Bird APC Injection - MITRE ID T1055.004
  ☆30Updated last year
• EspressoCake / DefenderPathExclusions
  Creation and removal of Defender path exclusions and exceptions in C#.
  ☆30Updated last year
• MaorSabag / HollowMask
  Just another Process Injection using Process Hollowing technique.
  ☆16Updated last year
• atabetnouhaila / API-hashing
  ☆18Updated last month
• rbmm / DirectSysCall
  ☆12Updated last year
• 0xsp-SRD / PAS-mini-c2c-
  ☆12Updated 2 years ago
• outflanknl / unmanaged-dotnet-patch
  Modify managed functions from unmanaged code
  ☆49Updated 9 months ago
• NtDallas / KrakenMask
  Sleep obfuscation
  ☆47Updated this week
• matterpreter / cpuid
  A class to emulate the behavior of NtQuerySystemInformation when passed the SystemHypervisorDetailInformation information class
  ☆24Updated last year
• keowu / InstrumentationCallbackToolKit
  A fast method to intercept syscalls from any user-mode process using InstrumentationCallback and detect any process using Instrumentation…
  ☆22Updated last year
• dobin / RedEdr
  Collect Windows telemetry for Maldev
  ☆36Updated this week
• lleon1435 / Kernel_VADInjector
  Windows 10 DLL Injector via Driver utilizing VAD and hiding the loaded driver
  ☆51Updated last year