frkngksl / HintInject
A PoC project for embedding shellcode to Hint/Name Table
☆111Updated 2 years ago
Alternatives and similar repositories for HintInject:
Users that are interested in HintInject are comparing it to the libraries listed below
- A Poc on blocking Procmon from monitoring network events☆100Updated 2 years ago
- ☆110Updated 2 years ago
- Patch AMSI and ETW in remote process via direct syscall☆80Updated 2 years ago
- Overwrite a process's recovery callback and execute with WER☆102Updated 2 years ago
- Single stub direct and indirect syscalling with runtime SSN resolving for windows.☆132Updated 2 years ago
- RDLL for Cobalt Strike beacon to silence sysmon process☆87Updated 2 years ago
- Interceptor is a kernel driver focused on tampering with EDR/AV solutions in kernel space☆122Updated 2 years ago
- Mochi is a proof-of-concept C++ loader that leverages the ChaiScript embedded scripting language to execute code.☆99Updated 2 years ago
- ☆134Updated last year
- Utilizing hardware breakpoints to evade monitoring by Endpoint Detection and Response platforms☆115Updated 2 years ago
- Experiment on reproducing Obfuscate & Sleep☆141Updated 3 years ago
- Building and Executing Position Independent Shellcode from Object Files in Memory☆154Updated 4 years ago
- a library that automates some clean syscalls to make it easier to implement☆84Updated 2 years ago
- Identify and exploit leaked handles for local privilege escalation.☆105Updated last year
- Beacon Object File allowing creation of Beacons in different sessions.☆78Updated 2 years ago
- Proof of concept Beacon Object File (BOF) that attempts to detect userland hooks in place by AV/EDR☆153Updated 3 years ago
- ☆160Updated 3 years ago
- ☆127Updated last year
- ☆132Updated 2 years ago
- A Dropper POC with a focus on aiding in EDR evasion, NTDLL Unhooking followed by loading ntdll in-memory, which is present as shellcode (…☆169Updated last year
- A simple ExternalC2 POC for Havoc C2. Communicates over Notion using a custom python agent, handler and extc2 channel. Not operationally …☆83Updated 2 years ago
- ☆85Updated 2 years ago
- Infect Shared Files In Memory for Lateral Movement☆193Updated 2 years ago
- 64bit WIndows 10 shellcode dat pops dat calc - Dynamic & Null Free☆60Updated last year
- ☆46Updated 2 years ago
- It's pointy and it hurts!☆122Updated 2 years ago
- Cobalt Strike BOF that uses a custom ASM HalosGate & HellsGate syscaller to return a list of processes☆100Updated last year
- Herpaderply Hollowing - a PE injection technique, hybrid between Process Hollowing and Process Herpaderping☆48Updated 2 years ago
- The code is a pingback to the Dark Vortex blog:☆169Updated 2 years ago
- Small PoC of using a Microsoft signed executable as a lolbin.☆133Updated last year