aaaddress1 / dnLauncher
☆36Updated 3 years ago
Alternatives and similar repositories for dnLauncher:
Users that are interested in dnLauncher are comparing it to the libraries listed below
- A small commented POC for removing API hooks placed by AV/EDR.☆34Updated 4 years ago
- A simple dumper as FreshyCalls' PoC. That's what's trendy, isn't it? ¯\_(ツ)_/¯☆40Updated 4 years ago
- ☆62Updated 3 years ago
- Clone running process with ZwCreateProcess☆57Updated 4 years ago
- ☆39Updated 4 years ago
- ☆70Updated 2 months ago
- A simple POC to demonstrate the power of .NET debugging for injection☆72Updated 4 years ago
- Resolve syscall numbers at runtime for all Windows versions.☆61Updated 5 months ago
- A simple COM server which provides a component to run shellcode☆134Updated 4 years ago
- Recreating and reviewing the Windows persistence methods☆38Updated 3 years ago
- Upsilon execute shellcode with syscalls - no API like NtProtectVirtualMemory is used☆93Updated 3 years ago
- Weaponizing Gigabyte driver for priv escalation and bypass PPL☆68Updated 5 years ago
- Files for http://deniable.org/windows/windows-callbacks☆25Updated 4 years ago
- APC DLL Injector with NtQueueApcThread and wake up thread support☆43Updated 7 years ago
- SharpASM is a C# project that aims to automate ASM (i.e. shellcode) execution in .NET programs by exploiting code caves in RWX sections a…☆57Updated 2 years ago
- Uses WMI Event Win32_ModuleLoadTrace to monitor module loading. Provides filters, and detailed data. Has an option to monitor for CLR Inj…☆41Updated 5 years ago
- ☆50Updated 4 years ago
- CSharp Writeups for HackSys Extreme Vulnerable Driver☆43Updated 3 years ago
- ☆31Updated 4 years ago
- ☆82Updated 3 years ago
- ☆15Updated 4 years ago
- A PoC tool for exploiting leaked process and thread handles☆30Updated last year
- A kernel mode Windows rootkit in development.☆48Updated 3 years ago
- Sysmon shenanigans☆65Updated 4 years ago
- Bypass UAC elevation on Windows 8 (build 9600) & above.☆54Updated 2 years ago
- Enabled / Disable LSA Protection via BYOVD☆67Updated 3 years ago
- Former Multi - Ring to Kernel To UserMode Transitional Shellcode For Remote Kernel Exploits☆28Updated 2 years ago
- DoppelGate relies on reading ntdll on disk to grab syscall stubs, and patches these syscall stubs into desired functions to bypass Userla…☆121Updated 3 years ago
- Herpaderply Hollowing - a PE injection technique, hybrid between Process Hollowing and Process Herpaderping☆54Updated 2 years ago
- A tool to create COM class/interface relationships in neo4j☆49Updated 2 years ago