hackerhouse-opensource / SetupHijackLinks
SetupHijack is a security research tool that exploits race conditions and insecure file handling in Windows applications installer and update processes.
☆259Updated 2 months ago
Alternatives and similar repositories for SetupHijack
Users that are interested in SetupHijack are comparing it to the libraries listed below
Sorting:
- Obex – Blocking unwanted DLLs in user mode☆276Updated 3 months ago
- Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC.☆163Updated 4 months ago
- Comprehensive Windows Syscall Extraction & Analysis Framework☆157Updated 3 months ago
- Malleable shellcode loader written in C and Assembly utilizing direct or indirect syscalls for evading EDR hooks☆133Updated 11 months ago
- Payload encoding utility to effectively lower payload entropy.☆120Updated 8 months ago
- Activation Context Hijack☆169Updated 4 months ago
- ☆157Updated 6 months ago
- Bypass user-land hooks by syscall tampering via the Trap Flag☆135Updated 3 months ago
- early cascade injection PoC based on Outflanks blog post☆234Updated last year
- A Mythic Agent written in PIC C.☆205Updated 10 months ago
- Direct access to NTFS volumes☆291Updated 3 months ago
- Dynamic shellcode loader with sophisticated evasion capabilities☆273Updated 2 months ago
- Shellcode encryptor using a substitution cipher with a randomly generated key.☆142Updated 11 months ago
- "Service-less" driver loading☆166Updated last year
- RunPE implementation with multiple evasive techniques☆253Updated 2 months ago
- ☆164Updated 9 months ago
- A collection of PoCs to do common things in unconventional ways☆121Updated 3 months ago
- Remote DLL Injection with Timer-based Shellcode Execution☆152Updated 5 months ago
- The dragon in the dark. A red team post exploitation framework for testing security controls during red team assessments.☆352Updated last week
- Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders …☆102Updated 8 months ago
- ☆108Updated last year
- Enumerate active EDR's on the system☆146Updated 2 months ago
- RunAs Utility Credential Stealer implementing 3 techniques : Hooking CreateProcessWithLogonW, Smart Keylogging, Remote Debugging☆203Updated 9 months ago
- A small How-To on creating your own weaponized WSL file☆118Updated 4 months ago
- Generate an Alphabetical Polymorphic Shellcode☆133Updated 4 months ago
- Injecting DLL into LSASS at boot☆155Updated 7 months ago
- The different ways to dump lsass☆202Updated 4 months ago
- Windows rootkit designed to work with BYOVD exploits☆211Updated 11 months ago
- Stealthy x64 thread manipulation library for calling functions inside target processes without creating remote threads or installing hook…☆58Updated 2 months ago
- ☆159Updated last year