Overwrite a process's recovery callback and execute with WER
☆101Apr 17, 2022Updated 3 years ago
Alternatives and similar repositories for ARCInject
Users that are interested in ARCInject are comparing it to the libraries listed below
Sorting:
- Process Ghosting in C#☆220Jan 24, 2022Updated 4 years ago
- Perun's Fart (Slavic God's Luck). Another method for unhooking AV and EDR, this is my C# version.☆117Dec 26, 2021Updated 4 years ago
- Rewrote HellsGate in C# for fun and learning☆86Feb 10, 2022Updated 4 years ago
- A variant of Gargoyle for x64 to hide memory artifacts using ROP only and PIC☆374May 24, 2022Updated 3 years ago
- Project Ares is a Proof of Concept (PoC) loader written in C/C++ based on the Transacted Hollowing technique☆338Jan 16, 2022Updated 4 years ago
- You shall pass☆270Jul 16, 2022Updated 3 years ago
- ☆208Apr 5, 2022Updated 3 years ago
- C# version of MDSec's ParallelSyscalls☆142Jan 9, 2022Updated 4 years ago
- Hookers are cooler than patches.☆170Jan 21, 2022Updated 4 years ago
- RefleXXion is a utility designed to aid in bypassing user-mode hooks utilised by AV/EPP/EDR etc. In order to bypass the user-mode hooks, …☆500Jan 25, 2022Updated 4 years ago
- It stinks☆103Apr 22, 2022Updated 3 years ago
- One gate to all syscalls!☆23Mar 12, 2022Updated 4 years ago
- ☆82Feb 12, 2022Updated 4 years ago
- Mochi is a proof-of-concept C++ loader that leverages the ChaiScript embedded scripting language to execute code.☆100Mar 27, 2022Updated 3 years ago
- KaynLdr is a Reflective Loader written in C/ASM☆553Dec 3, 2023Updated 2 years ago
- Nim version of MDSec's Parallel Syscall PoC☆124Jan 14, 2022Updated 4 years ago
- An implementation and proof-of-concept of Process Forking.☆230Nov 29, 2021Updated 4 years ago
- C# Utilities for Windows Notification Facility☆159Apr 14, 2025Updated 11 months ago
- ☆61Feb 10, 2022Updated 4 years ago
- this repo is to cover the other undocumented or published / in different langaue to achieve shellcode injection via windows callback func…☆88Jun 24, 2022Updated 3 years ago
- some gadgets about windows process and ready to use :)☆616Oct 7, 2023Updated 2 years ago
- A collection of weird ways to execute unmanaged code in .NET☆172May 4, 2021Updated 4 years ago
- CreateRemoteThreadPlus: how to pass multiple parameters to the remote thread function without shellcode.☆139Jul 10, 2025Updated 8 months ago
- FrostByte is a POC project that combines different defense evasion techniques to build better redteam payloads☆384Apr 16, 2022Updated 3 years ago
- How to spoof the command line when spawning a new process from C#.☆111Dec 28, 2021Updated 4 years ago
- NativePayload_CallBackTechniques C# Codes (Code Execution via Callback Functions Technique, without CreateThread Native API)☆118Jun 7, 2023Updated 2 years ago
- Load shellcode via HELLGATE, Rewrite hellgate with .net framework for learning purpose.☆18Jan 21, 2022Updated 4 years ago
- Running .NET from VBA☆148Feb 11, 2023Updated 3 years ago
- Detect strange memory regions and DLLs☆190Jan 20, 2022Updated 4 years ago
- Various ways to execute shellcode☆508Mar 13, 2024Updated 2 years ago
- UnhookMe is an universal Windows API resolver & unhooker addressing problem of invoking unmonitored system calls from within of your Red …☆350Jul 3, 2022Updated 3 years ago
- Beacon Object File implementation of Event Viewer deserialization UAC bypass☆133May 6, 2022Updated 3 years ago
- Beacon Object File PoC implementation of KillDefender☆235Apr 12, 2022Updated 3 years ago
- ☆100Mar 31, 2022Updated 3 years ago
- C# code to Sandbox Defender (and most probably other AV/EDRs).☆167Apr 22, 2022Updated 3 years ago
- WIP shellcode loader in nim with EDR evasion techniques☆219Mar 30, 2022Updated 3 years ago
- A PoC project for embedding shellcode to Hint/Name Table☆114May 16, 2022Updated 3 years ago
- Read Memory without ReadProcessMemory for Current Process☆92Feb 13, 2022Updated 4 years ago
- ☆153Jan 6, 2023Updated 3 years ago