hackerhouse-opensource / SetupHijack
SetupHijack is a security research tool that exploits race conditions and insecure file handling in Windows application installer and update processes.
☆259 Updated 3 months ago
Alternatives and similar repositories for SetupHijack
Users that are interested in SetupHijack are comparing it to the libraries listed below
- Obex – Blocking unwanted DLLs in user mode ☆280 Updated 3 months ago
- Comprehensive Windows Syscall Extraction & Analysis Framework ☆160 Updated 4 months ago
- Direct access to NTFS volumes ☆293 Updated 4 months ago
- Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC. ☆164 Updated 5 months ago
- AppLocker-Based EDR Neutralization ☆261 Updated 3 weeks ago
- Windows Session Hijacking via COM ☆324 Updated 3 weeks ago
- ☆160 Updated 6 months ago
- Bypass user-land hooks by syscall tampering via the Trap Flag ☆137 Updated 4 months ago
- Activation Context Hijack ☆168 Updated 5 months ago
- Malleable shellcode loader written in C and Assembly utilizing direct or indirect syscalls for evading EDR hooks ☆134 Updated last year
- Enumerate active EDRs on the system ☆147 Updated 3 months ago
- Dynamic shellcode loader with sophisticated evasion capabilities ☆271 Updated 3 months ago
- Payload encoding utility to effectively lower payload entropy. ☆121 Updated 8 months ago
- A collection of PoCs to do common things in unconventional ways ☆121 Updated 4 months ago
- ☆164 Updated 10 months ago
- The different ways to dump lsass ☆203 Updated 4 months ago
- SilentButDeadly is a network communication blocker specifically designed to neutralize EDR/AV software by preventing their cloud connecti… ☆414 Updated 2 months ago
- Remote DLL Injection with Timer-based Shellcode Execution ☆151 Updated 5 months ago
- RunPE implementation with multiple evasive techniques (2) ☆262 Updated 3 months ago
- Early cascade injection PoC based on Outflank's blog post ☆234 Updated last year
- A Mythic Agent written in PIC C. ☆207 Updated 11 months ago
- PowerShell tool that shows how to read and write NTLM OWF values via samlib.dll. ☆72 Updated 2 months ago
- This is a practice VM for malware development ☆174 Updated last month
- "Service-less" driver loading ☆167 Updated last year
- Convert your shellcode into an ASCII string ☆124 Updated 6 months ago
- Shellcode encryptor using a substitution cipher with a randomly generated key. ☆144 Updated 11 months ago
- Gain insights into COM/DCOM implementations that may be vulnerable using an automated approach and make it easy to visualize the data. By… ☆153 Updated last month
- ☆106 Updated last year
- Chameleon is a polymorphic engine for x86_64 position independent shellcode that has been created out of the need to evade signature-base… ☆47 Updated 3 months ago
- Two tools written in C that block network traffic for blacklisted EDR processes, using either Windows Defender Firewall (WDF) or Windows … ☆255 Updated 3 months ago