hillu / go-ntdllLinks
Go interface to NTDLL functions
☆78Updated last year
Alternatives and similar repositories for go-ntdll
Users that are interested in go-ntdll are comparing it to the libraries listed below
Sorting:
- A PoC package for hosting the CLR and executing .NET from Go☆77Updated last year
- Process injection techniques written in Go.☆64Updated 2 years ago
- Go implementation of the Heaven's Gate technique☆100Updated 4 years ago
- Process Injection Techniques with Golang☆80Updated 5 years ago
- A library to make HTTP requests with the Windows winhttp API☆24Updated last year
- Minimal PoC developed as discuss in https://captmeelo.com/redteam/maldev/2022/05/10/ntcreateuserprocess.html☆143Updated 3 years ago
- Shellcode implementation of Reflective DLL Injection by Golang. Convert DLLs to position independent shellcode☆61Updated 4 years ago
- Reflectively load PE☆104Updated 5 years ago
- bring your own vulnerable driver☆111Updated 2 years ago
- CreateRemoteThreadPlus: how to pass multiple parameters to the remote thread function without shellcode.☆136Updated 3 months ago
- Golang C2 and Beacon/Agent built from the ground up for scalability and expandability☆14Updated 4 years ago
- Simple PoCs for utilizing Windows syscalls in Go☆16Updated 4 years ago
- Golang packer that use process hollowing☆18Updated 3 years ago
- Fork of Wireguard's Memmod☆17Updated 2 years ago
- LdrLoadDll Unhooking☆134Updated 3 years ago
- A nice process dumping tool☆82Updated 3 years ago
- Patch AMSI and ETW in remote process via direct syscall☆83Updated 3 years ago
- ☆118Updated 2 years ago
- A small PoC that creates processes in Windows☆185Updated last year
- DLL Hollowing PoC - Remote and Self shellcode injection☆83Updated 3 years ago
- A PoC for adding NtContinue to CFG allowed list in order to make Ekko work in a CFG protected process☆106Updated 3 years ago
- Single stub direct and indirect syscalling with runtime SSN resolving for windows.☆139Updated 3 years ago
- Without closing windows defender, to make defender useless by removing its token privileges and lowering the token integrity.☆31Updated 3 years ago
- ☆166Updated 3 years ago
- A C Implementation for using a new method to invoke undetectable indirect syscalls☆19Updated 6 months ago
- ☆147Updated 3 years ago
- An Obfuscator-LLVM based mingw-w64 toolchain.☆45Updated 3 years ago
- Get your data from the resource section manually, with no need for windows apis☆65Updated last year
- POC of PPID spoofing using NtCreateUserProcess with syscalls to create a suspended process and performing process injection by overwritti…☆40Updated 4 years ago
- Simple windows rpc server for research purposes only☆83Updated 3 years ago