janoglezcampos / FindItByCalls
Hacky code for extracting calls in DLLs by function
☆14Updated 2 years ago
Related projects: ⓘ
- ☆36Updated 3 years ago
- ☆14Updated 2 years ago
- ☆38Updated 11 months ago
- yet another sleep encryption thing. also used the default github repo name for this one.☆69Updated last year
- Self Delete DLL☆23Updated 7 months ago
- Windows x64 Process Injection via Ghostwriting with Dynamic Configuration☆27Updated 2 years ago
- Execute shellcode with ZwCreateSection, ZwMapViewOfSection, ZwOpenProcess, ZwMapViewOfSection and ZwCreateThreadEx☆14Updated 3 years ago
- Halos Gate-based NTAPI Unhooker☆49Updated 2 years ago
- ☆38Updated this week
- Remove API hooks from a Beacon process.☆12Updated 3 years ago
- Upsilon execute shellcode with syscalls - no API like NtProtectVirtualMemory is used☆92Updated 3 years ago
- ☆29Updated last year
- A simple dumper as FreshyCalls' PoC. That's what's trendy, isn't it? ¯\_(ツ)_/¯☆39Updated 3 years ago
- Bunch of BOF files☆21Updated 7 months ago
- ☆68Updated this week
- Bypass UAC elevation on Windows 8 (build 9600) & above.☆53Updated 2 years ago
- Beacon Object Files (not Buffer Overflows)☆51Updated last year
- Windows RPC example calling stubs generated from MS-LSAT and MS-LSAD☆24Updated 8 months ago
- ☆17Updated this week
- A reimplementation of Cobalt Strike's Beacon Object File (BOF) Loader☆34Updated 9 months ago
- ☆58Updated this week
- ☆58Updated 2 years ago
- Your NTDLL vaccine from modern direct syscall methods.☆35Updated 2 years ago
- C code to enable ETW tracing for Dotnet Assemblies☆28Updated 2 years ago
- DLL Exports Extraction BOF with optional NTFS transactions.☆76Updated 2 years ago
- LSASS enumeration like pypykatz written in C-Lang☆20Updated 2 years ago
- ☆52Updated this week
- Sleep Obfuscation☆39Updated last year
- A way to extract tickets in case I need to purge and restore tickets on the fly.☆15Updated 4 months ago
- A BOF to parse the imports of a provided PE-file, optionally extracting symbols on a per-dll basis.☆81Updated 2 years ago