bharadwajyas / ppdump-publicView external linksLinks
Protected Process (Light) Dump: Uses Zemana AntiMalware Engine To Open a Privileged Handle to a PP/PPL Process And Inject MiniDumpWriteDump() Shellcode
☆25Mar 26, 2020Updated 5 years ago
Alternatives and similar repositories for ppdump-public
Users that are interested in ppdump-public are comparing it to the libraries listed below
Sorting:
- allowing um r/w through km from um ioctl ™☆11Jan 2, 2022Updated 4 years ago
- Preventing 3rd Party DLLs from Injecting into your Malware☆25Aug 31, 2021Updated 4 years ago
- DLL Unhooking☆13Mar 26, 2021Updated 4 years ago
- A crappy hook on SpAcceptLsaModeContext that prints incoming auth attempts. WIP☆37Jul 27, 2021Updated 4 years ago
- C# code to run PIC using CreateThread☆17Apr 19, 2019Updated 6 years ago
- Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods☆14Sep 30, 2022Updated 3 years ago
- Function hooks in Windows NT Kernel☆27Oct 13, 2020Updated 5 years ago
- ☆32Jul 2, 2020Updated 5 years ago
- Simple and sane cryptographic wrapper library.☆27Apr 21, 2023Updated 2 years ago
- DPX - the Doge Packer for eXecutables☆30Dec 21, 2021Updated 4 years ago
- ☆30Oct 13, 2020Updated 5 years ago
- Spin up a reverse proxy quickly on Heroku☆15Dec 5, 2020Updated 5 years ago
- Rust Weaponization for Red Team Engagements.☆15Oct 9, 2021Updated 4 years ago
- Subtract one PE file from another!☆20Oct 1, 2021Updated 4 years ago
- impersonate trustedinstaller by fiddling with tokens☆17Aug 30, 2021Updated 4 years ago
- A novel technique to communicate between threads using the standard ETHREAD structure☆115Feb 27, 2021Updated 4 years ago
- Custom implementation of DbgHelp's MiniDumpWriteDump function. Uses static syscalls to replace low-level functions like NtReadVirtualMemo…☆128Jan 18, 2022Updated 4 years ago
- Code snippets to add on top of cobalt strike sleepmask kit so that ekko can work in a CFG protected process☆49Mar 15, 2023Updated 2 years ago
- API Hammering with C++20☆50Jul 21, 2022Updated 3 years ago
- Like Hell's Gate but more EGG :)☆20Mar 11, 2022Updated 3 years ago
- Implementation of b4rtiks's SharpMiniDump using NTFS transactions to avoid writting the minidump to disk and exfiltrating it via HTTPS us…☆71Nov 14, 2020Updated 5 years ago
- bypass UAC even when configured to always notify user☆29Aug 31, 2021Updated 4 years ago
- golang amsi bypass☆30Dec 4, 2021Updated 4 years ago
- A repo to hold any bypasses I work on/study/whatever☆19Dec 30, 2020Updated 5 years ago
- This project is created for research into antivirus evasion by unhooking.☆18Sep 2, 2021Updated 4 years ago
- ☆18Aug 15, 2021Updated 4 years ago
- 优化了GetSystemEarlyBird的代码结构☆21Jun 24, 2020Updated 5 years ago
- A repository filled with ideas to break/detect direct syscall techniques☆27Apr 21, 2022Updated 3 years ago
- An implementation and proof-of-concept of Process Forking.☆230Nov 29, 2021Updated 4 years ago
- Exactly what it sounds like, which is something rad☆22Oct 12, 2022Updated 3 years ago
- A simple hidden vnc.☆33Feb 19, 2021Updated 4 years ago
- Golang implementation of Reflective load PE from memory☆64Jan 10, 2022Updated 4 years ago
- Beacon Object Files.☆36Feb 26, 2024Updated last year
- A small NtCreateUserProcess PoC that spawns a Command prompt.☆102Aug 25, 2022Updated 3 years ago
- post exploitation user monitoring tool☆20Jul 3, 2018Updated 7 years ago
- A collection of weird ways to execute unmanaged code in .NET☆174May 4, 2021Updated 4 years ago
- Basic implementation of Cobalt Strikes - User Defined Reflective Loader feature☆101Feb 28, 2023Updated 2 years ago
- ☆113Oct 10, 2022Updated 3 years ago
- Call NtCreateUserProcess directly as normal.☆76May 17, 2022Updated 3 years ago