ZeroPointSecurity / PInvoke
☆52Updated last month
Alternatives and similar repositories for PInvoke:
Users that are interested in PInvoke are comparing it to the libraries listed below
- Find DLLs with RWX section☆76Updated last year
- ☆127Updated last year
- Code snippets to add on top of cobalt strike sleep mask to achieve patchless hook on AMSI and ETW☆82Updated last year
- Simple BOF to read the protection level of a process☆114Updated last year
- Lateral Movement via the .NET Profiler☆79Updated 3 months ago
- ☆120Updated last year
- ☆107Updated 3 months ago
- Implant drop-in for EDR testing☆135Updated last year
- lsassdump via RtlCreateProcessReflection and NanoDump☆78Updated 4 months ago
- I have documented all of the AMSI patches that I learned till now☆74Updated last year
- Just another ntdll unhooking using Parun's Fart technique☆73Updated 2 years ago
- Proof of Concept code and samples presenting emerging threat of MSI installer files.☆78Updated 2 years ago
- Bypassing Amsi using LdrLoadDll☆37Updated last month
- ☆134Updated last year
- Embedder is a collection of sources in different languages to embed Python interpreter with minimal dependencies☆116Updated 9 months ago
- RDLL for Cobalt Strike beacon to silence sysmon process☆87Updated 2 years ago
- ☆88Updated 2 years ago
- Do some DLL SideLoading magic☆79Updated last year
- Create Anti-Copy DRM Malware☆52Updated 6 months ago
- Cobalt Strike (CS) Beacon Object File (BOF) for kernel exploitation using AMD's Ryzen Master Driver (version 17).☆135Updated 2 years ago
- ☆77Updated last year
- C# porting of SysWhispers2. It uses SharpASM to find the code caves for executing the system call stub.☆103Updated last year
- Utilizing hardware breakpoints to evade monitoring by Endpoint Detection and Response platforms☆115Updated 2 years ago
- ☆115Updated last year
- Shellcode loader using direct syscalls via Hell's Gate and payload encryption.☆86Updated 8 months ago
- Cobalt Strike BOF that uses a custom ASM HalosGate & HellsGate syscaller to return a list of processes☆101Updated last year
- POC tools for exploring SMB over QUIC protocol☆121Updated 2 years ago
- ☆97Updated last year
- ☆37Updated 2 years ago
- ☆76Updated last year