huntandhackett / sysmon-indepthLinks
Understanding the operation and limitations of Sysmon's events
☆19Updated 2 years ago
Alternatives and similar repositories for sysmon-indepth
Users that are interested in sysmon-indepth are comparing it to the libraries listed below
Sorting:
- ☆17Updated last year
- A work in progress BOF/COFF loader in Rust☆50Updated 2 years ago
- BYOVD collection☆23Updated last year
- ☆99Updated last year
- yet another sleep encryption thing. also used the default github repo name for this one.☆69Updated 2 years ago
- In-memory hiding technique☆54Updated 5 months ago
- ☆36Updated 2 years ago
- Beacon Debugger☆40Updated 7 months ago
- Linker for Beacon Object Files☆70Updated last week
- Dynamically resolve API function addresses at runtime in a secure manner.☆64Updated last month
- A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles.☆64Updated 2 years ago
- A method to execute shellcode using RegisterWaitForInputIdle API.☆54Updated 2 years ago
- Indirect NT syscalls LSASS dumper.☆44Updated last year
- ☆17Updated 9 months ago
- Template-based generation of shellcode loaders☆77Updated last year
- Repo that holds random POCs☆51Updated last year
- Small tool to play with IOCs caused by Imageload events☆42Updated 2 years ago
- DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly☆60Updated last year
- Windows C++ Implant for Exploration C2☆31Updated last week
- DynamicSyscalls is a library written in .net resolves the syscalls dynamically (Has nothing to do with hooking/unhooking)☆65Updated 2 years ago
- I have documented all of the AMSI patches that I learned till now☆72Updated 2 months ago
- A 64-bit, position-independent code reverse TCP shell for Windows — built in Rust.☆63Updated last month
- Execute dotnet app from unmanaged process☆75Updated 5 months ago
- Load a dynamic library from memory using a fuse mount☆31Updated last year
- A modern Rust implementation of the original Stardust project, providing a sophisticated 32/64-bit shellcode template that features posit…☆55Updated 2 months ago
- EmbedExeLnk by x86matthew modified by d4rkiZ☆41Updated 2 years ago
- ☆27Updated 4 months ago
- Titan: A crappy Reflective Loader written in C and assembly for Cobalt Strike. Redirects DNS Beacon over DoH☆48Updated 3 years ago
- Rust Implementation of SharpDllProxy for DLL Proxying Technique☆30Updated 2 years ago
- ☆71Updated last year