hackerhouse-opensource / SetupHijackLinks
SetupHijack is a security research tool that exploits race conditions and insecure file handling in Windows applications installer and update processes.
☆260Updated 4 months ago
Alternatives and similar repositories for SetupHijack
Users that are interested in SetupHijack are comparing it to the libraries listed below
Sorting:
- Obex – Blocking unwanted DLLs in user mode☆279Updated 4 months ago
- Comprehensive Windows Syscall Extraction & Analysis Framework☆160Updated 5 months ago
- Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC.☆165Updated 6 months ago
- AppLocker-Based EDR Neutralization☆281Updated last month
- A Mythic Agent written in PIC C.☆206Updated 11 months ago
- Activation Context Hijack☆169Updated 5 months ago
- Windows Session Hijacking via COM☆331Updated last month
- Direct access to NTFS volumes☆291Updated 4 months ago
- Bypass user-land hooks by syscall tampering via the Trap Flag☆138Updated 5 months ago
- Dynamic shellcode loader with sophisticated evasion capabilities☆280Updated 4 months ago
- ☆163Updated 7 months ago
- early cascade injection PoC based on Outflanks blog post☆236Updated last year
- The different ways to dump lsass☆206Updated 5 months ago
- Gain insights into COM/DCOM implementations that may be vulnerable using an automated approach and make it easy to visualize the data. By…☆154Updated 2 months ago
- Remote DLL Injection with Timer-based Shellcode Execution☆152Updated 6 months ago
- A collection of PoCs to do common things in unconventional ways☆122Updated 5 months ago
- Malleable shellcode loader written in C and Assembly utilizing direct or indirect syscalls for evading EDR hooks☆136Updated last year
- RunPE implementation with multiple evasive techniques (2)☆265Updated 4 months ago
- ☆108Updated last year
- Enumerate active EDR's on the system☆150Updated 4 months ago
- A Payload Analysis Framework☆114Updated 3 months ago
- Convert your shellcode into an ASCII string☆124Updated 7 months ago
- "Service-less" driver loading☆166Updated last year
- SilentButDeadly is a network communication blocker specifically designed to neutralize EDR/AV software by preventing their cloud connecti…☆431Updated 2 months ago
- Payload encoding utility to effectively lower payload entropy.☆123Updated 9 months ago
- A PoC for Early Cascade process injection technique.☆205Updated last year
- Conquest is a feature-rich and malleable command & control/post-exploitation framework developed in Nim.☆255Updated last week
- A Windows Named Pipe Multi-tool / Proxy☆283Updated last month
- EDRStartupHinder: A red team tool to prevent Antivirus and EDR from running.☆172Updated 3 weeks ago
- Two tools written in C that block network traffic for blacklisted EDR processes, using either Windows Defender Firewall (WDF) or Windows …☆257Updated 4 months ago