codewhitesec/SysmonEnte external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

codewhitesec/SysmonEnte

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/codewhitesec/SysmonEnte)

Close

codewhitesec / SysmonEnteView on GitHubMore

• External links
• Readme badge

☆84Oct 18, 2022Updated 3 years ago

Alternatives and similar repositories for SysmonEnte

Users that are interested in SysmonEnte are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• thefLink / DeepSleep

  View on GitHub
  A variant of Gargoyle for x64 to hide memory artifacts using ROP only and PIC
  ☆379May 24, 2022Updated 3 years ago
• rbmm / LIB

  View on GitHub
  ☆10Apr 19, 2026Updated last month
• rad9800 / misc

  View on GitHub
  miscellaneous scripts and programs
  ☆285May 13, 2026Updated last week
• Bw3ll / ShellWasp

  View on GitHub
  ShellWasp is a tool to help build shellcode that utilizes Windows syscalls, while overcoming the portability problem associated with Wind…
  ☆173Apr 12, 2026Updated last month
• waldo-irc / YouMayPasser

  View on GitHub
  You shall pass
  ☆270Jul 16, 2022Updated 3 years ago
• AI Agents on DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• janoglezcampos / c_syscalls

  View on GitHub
  Single stub direct and indirect syscalling with runtime SSN resolving for windows.
  ☆141Sep 12, 2022Updated 3 years ago
• janoglezcampos / DeathSleep

  View on GitHub
  A PoC implementation for an evasion technique to terminate the current thread and restore it before resuming execution, while implementin…
  ☆536Aug 1, 2022Updated 3 years ago
• trustedsec / CS_COFFLoader

  View on GitHub
  ☆138Dec 4, 2023Updated 2 years ago
• Idov31 / Cronos

  View on GitHub
  PoC for a sleep obfuscation technique leveraging waitable timers to evade memory scanners.
  ☆625Sep 26, 2023Updated 2 years ago
• FalconForceTeam / BOF2shellcode

  View on GitHub
  POC tool to convert CobaltStrike BOF files to raw shellcode
  ☆223Nov 5, 2021Updated 4 years ago
• rasta-mouse / Rosplant

  View on GitHub
  ☆53Sep 16, 2021Updated 4 years ago
• rad9800 / VehApiResolve

  View on GitHub
  ☆119Aug 7, 2022Updated 3 years ago
• outflanknl / unmanaged-dotnet-patch

  View on GitHub
  Modify managed functions from unmanaged code
  ☆53Feb 1, 2024Updated 2 years ago
• G0ldenGunSec / SharpTransactedLoad

  View on GitHub
  Load .net assemblies from memory while having them appear to be loaded from an on-disk location.
  ☆173May 5, 2021Updated 5 years ago
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• shlyuz / teamserver

  View on GitHub
  ☆12Jun 22, 2022Updated 3 years ago
• nettitude / RunOF

  View on GitHub
  ☆153Jan 6, 2023Updated 3 years ago
• mdsecactivebreach / DragonCastle

  View on GitHub
  A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process.
  ☆303Oct 26, 2022Updated 3 years ago
• med0x2e / vba2clr

  View on GitHub
  Running .NET from VBA
  ☆147Feb 11, 2023Updated 3 years ago
• EspressoCake / BOF_Development_Docker

  View on GitHub
  A VSCode devcontainer for development of COFF files with batteries included.
  ☆50Jul 10, 2023Updated 2 years ago
• codewhitesec / Lastenzug

  View on GitHub
  Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level
  ☆236Oct 18, 2022Updated 3 years ago
• ly4k / PassTheChallenge

  View on GitHub
  Recovering NTLM hashes from Credential Guard
  ☆386Dec 26, 2022Updated 3 years ago
• rad9800 / hwbp4mw

  View on GitHub
  ☆276Jan 14, 2023Updated 3 years ago
• Idov31 / Venom

  View on GitHub
  Venom is a library that meant to perform evasive communication using stolen browser socket
  ☆397Sep 26, 2023Updated 2 years ago
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• frkngksl / NimicStack

  View on GitHub
  NimicStack is the pure Nim implementation of Call Stack Spoofing technique to mimic legitimate programs
  ☆96Apr 4, 2026Updated last month
• mitchmoser / LACheck

  View on GitHub
  ☆93Aug 23, 2021Updated 4 years ago
• WithSecureLabs / TickTock

  View on GitHub
  ☆115Oct 10, 2022Updated 3 years ago
• huntandhackett / concealed_code_execution

  View on GitHub
  Tools and technical write-ups describing attacking techniques that rely on concealing code execution on Windows
  ☆224Aug 12, 2022Updated 3 years ago
• djhohnstein / TSMSISrv_poc

  View on GitHub
  C# POC code for the SessionEnv dll hijack by utilizing called functions of TSMSISrv.dll
  ☆63Apr 18, 2019Updated 7 years ago
• connormcgarr / cThreadHijack

  View on GitHub
  Beacon Object File (BOF) for remote process injection via thread hijacking
  ☆222Jan 13, 2021Updated 5 years ago
• zimawhit3 / HellsGateNim

  View on GitHub
  A quick example of the Hells Gate technique in Nim
  ☆93Aug 11, 2021Updated 4 years ago
• Cracked5pider / CoffeeLdr

  View on GitHub
  Beacon Object File Loader
  ☆294Dec 3, 2023Updated 2 years ago
• mlcsec / ASRenum-BOF

  View on GitHub
  Cobalt Strike BOF that identifies Attack Surface Reduction (ASR) rules, actions, and exclusion locations
  ☆163Mar 1, 2024Updated 2 years ago
• AI Agents on DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• rad9800 / TamperingSyscalls

  View on GitHub
  ☆514Aug 14, 2022Updated 3 years ago
• leoloobeek / keyring

  View on GitHub
  Proper Payload Protection Prevents Poor Performance
  ☆76Jul 27, 2022Updated 3 years ago
• mdsecactivebreach / ParallelSyscalls

  View on GitHub
  ☆170Jan 7, 2022Updated 4 years ago
• zacbre / AssemblyCompressor

  View on GitHub
  Use GZip to compress your .NET assemblies for loading with AssemblyResolve.
  ☆20Apr 11, 2014Updated 12 years ago
• S4ntiagoP / donut

  View on GitHub
  Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from mem…
  ☆116Oct 21, 2023Updated 2 years ago
• Accenture / Codecepticon

  View on GitHub
  .NET/PowerShell/VBA Offensive Security Obfuscator
  ☆523Feb 1, 2024Updated 2 years ago
• SECFORCE / SharpWhispers

  View on GitHub
  C# porting of SysWhispers2. It uses SharpASM to find the code caves for executing the system call stub.
  ☆111Apr 14, 2023Updated 3 years ago