DLL Unlinking from InLoadOrderModuleList, InMemoryOrderModuleList, InInitializationOrderModuleList, and LdrpHashTable
☆60Dec 15, 2023Updated 2 years ago
Alternatives and similar repositories for UnlinkDLL
Users that are interested in UnlinkDLL are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Simple ETW unhook PoC. Overwrites NtTraceEvent opcode to disable ETW at Nt-function level.☆54Feb 29, 2024Updated 2 years ago
- Threadless Module Stomping In Rust with some features (In memory of those murdered in the Nova party massacre)☆263Jun 29, 2024Updated last year
- Remote Shellcode Injector☆219Aug 27, 2023Updated 2 years ago
- Shellcode Loader Implementing Indirect Dynamic Syscall , API Hashing, Fileless Shellcode retrieving using Winsock2☆293Jul 15, 2023Updated 2 years ago
- Linux Sleep Obfuscation☆113Jan 7, 2024Updated 2 years ago
- DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- Execute shellcode files with rundll32☆218Jan 28, 2024Updated 2 years ago
- Identify binaries with Authenticode digital signatures signed to an internal CA/domain☆40Feb 6, 2024Updated 2 years ago
- ☆60Dec 15, 2023Updated 2 years ago
- PoC demonstrating a multi process injection chain aimed at remotely executing shellcode☆259Jan 21, 2024Updated 2 years ago
- ☆210Nov 28, 2023Updated 2 years ago
- Utilizing TLS callbacks to execute a payload without spawning any threads in a remote process☆287Jan 21, 2024Updated 2 years ago
- Loading and executing shellcode in C# without PInvoke.☆22Jan 10, 2022Updated 4 years ago
- A care package of useful bofs for red team engagments☆53Dec 6, 2024Updated last year
- ☆35Dec 21, 2023Updated 2 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Creation and removal of Defender path exclusions and exceptions in C#.☆32Nov 1, 2023Updated 2 years ago
- A C# Tool to gather information about email breaches☆16Dec 21, 2023Updated 2 years ago
- A variation of ProcessOverwriting to execute shellcode on an executable's section☆148Dec 16, 2023Updated 2 years ago
- Nim version of MDSec's Parallel Syscall PoC☆124Jan 14, 2022Updated 4 years ago
- A small PoC using DInvoke, dynamically mapping a DLL and executing Win32 APIs for process injection.☆10Dec 16, 2021Updated 4 years ago
- An App Domain Manager Injection DLL PoC on steroids☆212Dec 14, 2023Updated 2 years ago
- Halos Gate-based NTAPI Unhooker☆52Apr 21, 2022Updated 3 years ago
- Generate Shellcode Loaders & Injects☆159May 15, 2023Updated 2 years ago
- ☆224Oct 22, 2023Updated 2 years ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- Obtain and parse SSL certificates☆86Nov 19, 2021Updated 4 years ago
- Nim Library for Offensive Security Development☆199Sep 4, 2023Updated 2 years ago
- A mechanism that trampoline hooks functions in x86/x64 systems.☆21Oct 9, 2024Updated last year
- Source generator to add D/Invoke and indirect syscall methods to a C# project.☆190Mar 4, 2024Updated 2 years ago
- Defeating Anti-Debugging Techniques for Malware Analysis☆12Oct 1, 2022Updated 3 years ago
- A small x64 library to load dll's into memory.☆459Nov 6, 2023Updated 2 years ago
- Another approach of Threadless injection discovered by @_EthicalChaos_ in c that loads a module into the target process and stomps it, an…☆185Aug 2, 2023Updated 2 years ago
- A PoC project for embedding shellcode to Hint/Name Table☆114May 16, 2022Updated 3 years ago
- Reflective DLL to privesc from NT Service to SYSTEM using SeImpersonateToken privilege☆226Nov 23, 2023Updated 2 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Enumerate SSN (System Service Numbers or Syscall ID) and syscall instruction address in ntdll module by parsing the PEB of the current pr…☆21Jan 28, 2024Updated 2 years ago
- Exploitation of echo_driver.sys☆170Sep 16, 2023Updated 2 years ago
- A CIA tradecraft technique to asynchronously detect when a process is created using WMI.☆139Feb 2, 2026Updated last month
- Detects CanaryTokens in Office docs and PDFs (docx, xlsx, pptx, pdf) without triggering alerts☆129Dec 23, 2025Updated 3 months ago
- Demonstration of Early Bird APC Injection - MITRE ID T1055.004☆35Oct 31, 2023Updated 2 years ago
- ☆31Aug 23, 2020Updated 5 years ago
- Your Windows syscall hooking factory - feat Canterlot's Gate - All accessible over MCP☆127Mar 19, 2026Updated last week