proper ntdll .text section unhooking via native api. unlike other unhookers this doesnt leave 2 ntdlls loaded. x86/x64/wow64 supported.
☆56Dec 9, 2025Updated 4 months ago
Alternatives and similar repositories for NTDLL-Unhook
Users that are interested in NTDLL-Unhook are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Poshito is a Windows C2 over Telegram☆21Oct 30, 2024Updated last year
- ☆11May 5, 2024Updated last year
- Locate dlls and function addresses without PEB Walk and EAT parsing☆105Nov 7, 2025Updated 5 months ago
- Native C++ access to Active Directory over ADWS, no .NET, no WCF, no HTTP stack.☆75Mar 27, 2026Updated last month
- Executing Shellcode with ReadDirectoryChanges’s Hidden Callback☆30Oct 13, 2025Updated 6 months ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- Evade behavioral analysis by executing malicious code within trusted Microsoft call stacks, patchless hooking library IAT/EAT.☆141Dec 8, 2025Updated 4 months ago
- Cryptanalysis of a proprietary 1999 video DRM system. Recovers 61 encrypted wrestling videos from the WCW Internet Powerdisk CD-ROM throu…☆25Jan 29, 2026Updated 3 months ago
- Red Team Coin for crypto-mining operations.☆24Mar 1, 2026Updated 2 months ago
- .NET assembly loader with patching AMSI and ETW bypass☆33Apr 16, 2025Updated last year
- Shellcode and In-PowerShell solution for patching AMSI via Page Guard Exceptions☆69Nov 15, 2025Updated 5 months ago
- Simple pure PowerShell POC to bypass Entra / Intune Compliance Conditional Access Policy☆170Nov 17, 2025Updated 5 months ago
- ☆30Oct 19, 2024Updated last year
- Active Directory information dumper via ADWS for evasion purposes.☆220Feb 23, 2026Updated 2 months ago
- Items related to the RedELK workshop given at security conferences☆29Sep 28, 2023Updated 2 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- ☆63Jan 2, 2024Updated 2 years ago
- Scripts to interact with Microsoft Graph APIs☆45Nov 7, 2024Updated last year
- The PoC for CVE-2025-70795 / CVE-2026-0828 and updated driver☆45Mar 13, 2026Updated last month
- LSTAR - CobaltStrike Translated to EN☆22Jun 15, 2023Updated 2 years ago
- Two tools written in C that block network traffic for blacklisted EDR processes, using either Windows Defender Firewall (WDF) or Windows …☆267Sep 23, 2025Updated 7 months ago
- Disconnected RSAT - A method of running Group Policy Manager, Certificate Authority and Certificate Templates MMC snap-ins from non-domai…☆308Mar 28, 2026Updated last month
- Unauthenticated start EFS service on remote Windows host (make PetitPotam great again)☆138Oct 23, 2025Updated 6 months ago
- Windows rootkit designed to work with BYOVD exploits☆218Jan 18, 2025Updated last year
- Wonka is a sweet Windows tool that extracts Kerberos tickets from the Local Security Authority (LSA) cache. Like finding a ticket, but fo…☆167Oct 21, 2025Updated 6 months ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- Simple C# Redirector☆94Aug 31, 2025Updated 8 months ago
- Commandline spoofing on Windows☆101Nov 25, 2025Updated 5 months ago
- a small script to collect information from a management point☆37Jan 19, 2026Updated 3 months ago
- Beacon Object File (BOF) for Using the BadSuccessor Technique for Account Takeover☆86Oct 20, 2025Updated 6 months ago
- Proof of Concepts code for Bring Your Own Vulnerable Driver techniques☆218Aug 21, 2025Updated 8 months ago
- Adversary Simulation Framework☆40Aug 19, 2025Updated 8 months ago
- A unique introduction to native runtime obfuscation.☆76Mar 2, 2025Updated last year
- https://github.com/janoglezcampos/c_syscalls with the ASM rewritten by myself for Visual Studio's Compiler.☆34Jun 23, 2024Updated last year
- ☆12Feb 4, 2025Updated last year
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- A cmake template for crystal palace☆40Dec 20, 2025Updated 4 months ago
- Pinjectra is a C/C++ OOP-like library that implements Process Injection techniques (with focus on Windows 10 64-bit)☆16Sep 4, 2020Updated 5 years ago
- Assorted BloodHound Cypher queries/tricks I haven't seen in other cheat sheets☆12Jun 21, 2021Updated 4 years ago
- Windows Access token manipulation tool made in C#☆25Aug 24, 2025Updated 8 months ago
- Boilerplate to develop raw and truly Position Independent Code (PIC).☆117Jan 20, 2025Updated last year
- Neo4LDAP is a query and visualization tool focused on Active Directory environments. It combines LDAP syntax with graph-based data analys…☆97Feb 3, 2026Updated 3 months ago
- Sleep Obfuscation☆46Oct 13, 2022Updated 3 years ago