a7t0fwa7 / SymProcSleuthView external linksLinks
A pure C version of SymProcAddress
☆30Mar 17, 2024Updated last year
Alternatives and similar repositories for SymProcSleuth
Users that are interested in SymProcSleuth are comparing it to the libraries listed below
Sorting:
- NimReflectiveLoader is a Nim-based tool for in-memory DLL execution using Reflective DLL Loading.☆30Jan 21, 2024Updated 2 years ago
- A tracker DLL which enables 'NTAPI->Syscall' tracking whenever it is loaded. It calls 'NtSetInformationProcess' API call with a callback …☆14Oct 21, 2024Updated last year
- all random stuff that dont warrant a seperate repo☆12Sep 2, 2022Updated 3 years ago
- A reimplementation of Cobalt Strike's Beacon Object File (BOF) Loader☆64Dec 16, 2023Updated 2 years ago
- asynchronous SSH client in Python☆11Oct 29, 2025Updated 3 months ago
- RID Hijacking Proof of Concept script by Kevin Joyce☆15Oct 30, 2018Updated 7 years ago
- EventLogSilencer is a PowerShell script designed for disable Windows Event Logging☆18Oct 28, 2023Updated 2 years ago
- A C# port from Invoke-GhostTask☆119Jan 5, 2024Updated 2 years ago
- Most Responder's configuration power in your hand.☆53Jan 19, 2025Updated last year
- Manually perform syscalls without going through any external API or DLL.☆19Apr 19, 2023Updated 2 years ago
- ☆19Nov 28, 2024Updated last year
- Repository to gather the .NET malware I will be developing☆18Mar 23, 2025Updated 10 months ago
- Remote Template Injection Toolkit☆48Apr 7, 2024Updated last year
- Artemis - C++ Hell's Gate Syscall Implementation☆34Aug 16, 2023Updated 2 years ago
- Self Delete DLL☆23Feb 15, 2024Updated last year
- This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol…☆71Feb 11, 2024Updated 2 years ago
- Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.☆79Dec 23, 2023Updated 2 years ago
- Threadless shellcode injection tool☆68Aug 5, 2024Updated last year
- ☆126Sep 1, 2024Updated last year
- A simple PoC of injection shellcode into a remote process and get the output using namepipe☆44Jan 10, 2024Updated 2 years ago
- in-process powershell runner for BRC4☆48Oct 31, 2023Updated 2 years ago
- NT AUTHORITY\SYSTEM☆43Jul 8, 2020Updated 5 years ago
- ☆83Aug 26, 2024Updated last year
- windows-operating-system-archaeology @Enigma0x3 @subTee☆23Apr 22, 2017Updated 8 years ago
- .NET port of Leron Gray's azbelt tool.☆26Sep 21, 2023Updated 2 years ago
- HelpSystems Nanodump, but wrapped in powershell via Invoke-ReflectivePEInjection☆58Feb 20, 2022Updated 3 years ago
- PsSetCreateProcessNotifyRoutine/Ex/Ex2 hook☆12May 30, 2024Updated last year
- Work, timer, and wait callback example using solely Native Windows APIs.☆88Feb 11, 2024Updated 2 years ago
- .NET profiler DLL loading can be abused to make a legit .NET application load a malicious DLL using environment variables. This exploit i…☆46Jul 29, 2024Updated last year
- ☆33Jan 23, 2025Updated last year
- List the ETW provider(s) in the registration table of a process.☆80Sep 20, 2023Updated 2 years ago
- Implementation of an export address table protection mitigation, like Export Address Filtering (EAF)☆115May 21, 2023Updated 2 years ago
- Threadless Injection Payload Toolkit☆12Oct 12, 2023Updated 2 years ago
- Poshito is a Windows C2 over Telegram☆18Oct 30, 2024Updated last year
- Malware dev tricks. Syscalls part 1. Simple C example☆10Jun 8, 2023Updated 2 years ago
- A step-by-step walkthrough of how to write a Client and a Driver to communicate with each other and boost the priority of a thread.☆17Dec 12, 2023Updated 2 years ago
- Extracting NetNTLM without touching lsass.exe☆242Nov 27, 2023Updated 2 years ago
- Zero EAT touch way to retrieve function addresses (GetProcAddress on steroids)☆144Mar 16, 2024Updated last year
- Proof of Concept for manipulating the Kernel Callback Table in the Process Environment Block (PEB) to perform process injection and hijac…☆269Oct 31, 2024Updated last year