daddycocoaman / dumpscan
Finding secrets in kernel and user memory
☆116, updated last year
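As an illustration of the kind of work the one-line description above refers to, here is an added example of scanning a raw memory image for secrets. It is not dumpscan's own code and does not use its signatures; the pattern set (PEM private-key blocks, AWS access key IDs), the entropy threshold, the function names `scan_memory`/`build_sample_image` and the sample image are all assumptions made for this example. The one practical point it carries beyond "grep the dump": Windows process memory frequently holds secrets as UTF-16LE strings, so an ASCII-only regex pass silently misses them, and the scanner below re-runs its checks over decoded wide-string runs and maps hits back to their byte offsets.

```python
import math
import re
from collections import Counter
from dataclasses import dataclass

# Byte-level signatures so they run directly over a raw image.
# Added example signatures, not dumpscan's.
ASCII_PATTERNS = {
    "pem_private_key": re.compile(
        rb"-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----.*?"
        rb"-----END (?:RSA |EC |OPENSSH )?PRIVATE KEY-----",
        re.DOTALL,
    ),
    "aws_access_key_id": re.compile(rb"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b"),
}

# Runs of printable, space-free ASCII long enough to be a token/key.
PRINTABLE_ASCII = re.compile(rb"[\x21-\x7e]{20,}")
# Runs of UTF-16LE text: printable low byte followed by a NUL high byte.
PRINTABLE_WIDE = re.compile(rb"(?:[\x20-\x7e]\x00){8,}")


@dataclass(frozen=True)
class Finding:
    kind: str       # signature name or "high_entropy_string"
    offset: int     # byte offset in the scanned image
    encoding: str   # "ascii" or "utf-16le"
    value: bytes    # matched bytes, narrowed to ASCII for wide hits


def shannon_entropy(data: bytes) -> float:
    """Bits per byte of the given buffer (0.0 for empty input)."""
    n = len(data)
    if n == 0:
        return 0.0
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def _scan_text(buf: bytes, base: int, encoding: str, scale: int,
               entropy_threshold: float) -> list[Finding]:
    """Signature + entropy pass over buf.

    buf is either the raw image (scale=1) or a narrowed UTF-16LE run
    (scale=2); offsets map back to the image as base + scale * pos.
    Entropy hits overlapping a signature hit are suppressed so one
    secret is not reported twice.
    """
    findings, covered = [], []
    for kind, pat in ASCII_PATTERNS.items():
        for m in pat.finditer(buf):
            covered.append((m.start(), m.end()))
            findings.append(Finding(kind, base + scale * m.start(), encoding, m.group(0)))
    for m in PRINTABLE_ASCII.finditer(buf):
        if any(m.start() < e and m.end() > s for s, e in covered):
            continue
        if shannon_entropy(m.group(0)) >= entropy_threshold:
            findings.append(Finding("high_entropy_string",
                                    base + scale * m.start(), encoding, m.group(0)))
    return findings


def scan_memory(image: bytes, entropy_threshold: float = 4.5) -> list[Finding]:
    """Scan a raw memory image for secrets in both ASCII and UTF-16LE."""
    findings = _scan_text(image, 0, "ascii", 1, entropy_threshold)
    for m in PRINTABLE_WIDE.finditer(image):
        narrow = m.group(0)[::2]  # keep the low bytes: the ASCII characters
        findings.extend(_scan_text(narrow, m.start(), "utf-16le", 2, entropy_threshold))
    return sorted(findings, key=lambda f: f.offset)


def build_sample_image() -> bytes:
    """Constructed stand-in for a process dump (not real captured memory):
    NUL filler, an ASCII PEM block, an AWS key held in a UTF-16LE string,
    and a random-looking API token."""
    pem = (b"-----BEGIN RSA PRIVATE KEY-----\n"
           b"MIIBOgIBAAJBAK3gJ2Z0q1X4f0sYv9Zr7s8QJ3v0b9x2k1Qm8Hn5Lr6Tp2Wq9Yx\n"
           b"-----END RSA PRIVATE KEY-----\n")
    wide = "aws_access_key_id=AKIAIOSFODNN7EXAMPLE".encode("utf-16le")
    token = b"token=Qx7gT2bLm9Rz4vK8nWp1Yc3sHf6dJa0eUiZoNtB5"
    filler = b"\x00" * 64 + b"MZ\x90\x00" + b"\x00" * 60
    return filler + pem + filler + wide + filler + token + filler + b"hello world, plain text here"


if __name__ == "__main__":
    for f in scan_memory(build_sample_image()):
        print(f"{f.offset:#010x} {f.encoding:9} {f.kind:21} {f.value[:40]!r}")
```

Offsets are positions in the image you hand to `scan_memory`; for a minidump or a kernel crash dump you still need the dump's memory-range table to turn them into virtual addresses, and a secret that straddles two non-contiguous ranges will only be found if you scan each range after reassembling it.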
Alternatives and similar repositories for dumpscan
Users interested in dumpscan are comparing it to the repositories listed below.
- POC for frustrating/defeating Malware Analysts (☆154, updated 2 years ago)
- RDLL for Cobalt Strike beacon to silence sysmon process (☆88, updated 2 years ago)
- Detect strange memory regions and DLLs (☆183, updated 3 years ago)
- Deleting Shadow Copies In Pure C++ (☆114, updated 2 years ago)
- Simple EDR implementation to demonstrate bypass (☆173, updated 5 years ago)
- Do some DLL SideLoading magic (☆83, updated last year)
- A basic meterpreter protocol stager using the libpeconv library by hasherezade for reflective loading (☆84, updated 2 years ago)
- Utilizing hardware breakpoints to evade monitoring by Endpoint Detection and Response platforms (☆128, updated 2 years ago)
- Experiment on reproducing Obfuscate & Sleep (☆145, updated 4 years ago)
- A variation of ProcessOverwriting to execute shellcode on an executable's section (☆148, updated last year)
- It's pointy and it hurts! (☆126, updated 2 years ago)
- A fake AMSI Provider which can be used for persistence (☆150, updated 4 years ago)
- Different ntdll unhooking techniques: unhooking ntdll from disk, from KnownDlls, from a suspended process, from a remote server (fileless) (☆190, updated last year)
- Simple EDR that injects a DLL into a process to place a hook on specific Windows APIs (☆92, updated last year)
- Combining Sealighter with unpatched exploits to run the Threat-Intelligence ETW Provider (☆174, updated 2 years ago)
- Exploitation of process killer drivers (☆200, updated last year)
- Depending on the AV/EPP/EDR, creating a Task Scheduler job with a default cradle is often flagged (☆86, updated 2 years ago)
- This project is an implant framework designed for long term persistent access to Windows machines (☆110, updated last year)
- Mochi is a proof-of-concept C++ loader that leverages the ChaiScript embedded scripting language to execute code (☆101, updated 3 years ago)
- Detect EDR's exceptions by inspecting processes' loaded modules (☆130, updated last year)
- Building and Executing Position Independent Shellcode from Object Files in Memory (☆156, updated 4 years ago)
- WTSRM (☆211, updated 2 years ago)
- Evasion Escaper is a project aimed at evading the checks that malicious software performs to detect if it's running in a virtual environm… (☆106, updated 3 months ago)