lem0nSec / DseblerLinks
Reimplementation of the KExecDD DSE bypass technique.
☆54Updated last year
Alternatives and similar repositories for Dsebler
Users that are interested in Dsebler are comparing it to the libraries listed below
Sorting:
- Exploiting the KsecDD Windows driver through Server Silos☆74Updated 11 months ago
- ☆94Updated last year
- shell code example☆63Updated 3 weeks ago
- Callstack spoofing using a VEH because VEH all the things.☆23Updated 7 months ago
- Next gen process injection technique☆54Updated 5 years ago
- ☆42Updated 8 months ago
- ☆43Updated 10 months ago
- Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.☆102Updated 7 months ago
- a demo module for the kaine agent to execute and inject assembly modules☆42Updated last year
- API Hammering with C++20☆49Updated 3 years ago
- Shellcode Loader Utilizing ETW Events☆67Updated 7 months ago
- A reimplementation of Cobalt Strike's Beacon Object File (BOF) Loader☆61Updated last year
- ☆100Updated 2 years ago
- Your NTDLL vaccine from modern direct syscall methods.☆36Updated 3 years ago
- Get your data from the resource section manually, with no need for windows apis☆65Updated last year
- In-memory hiding technique☆56Updated 9 months ago
- yet another sleep encryption thing. also used the default github repo name for this one.☆69Updated 2 years ago
- ☆61Updated last year
- Hooking KPRCB IdlePreselect function to gain execution inside PID 0.☆73Updated 6 months ago
- List the ETW provider(s) in the registration table of a process.☆63Updated 2 years ago
- Splitting and executing shellcode across multiple pages☆103Updated 2 years ago
- Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.☆68Updated last year
- Section-based payload obfuscation technique for x64☆64Updated last year
- Implementing an early exception handler for hooking and threadless process injection without relying on VEH or SEH☆129Updated last month
- Proof-of-concept kernel driver that hijacks the Windows kernel extension table mechanism to preserve process notify callbacks even when a…☆92Updated 3 months ago
- https://github.com/janoglezcampos/c_syscalls with the ASM rewritten by myself for Visual Studio's Compiler.☆29Updated last year
- Win32 keylogger that supports all (non-ime using) languages correctly☆52Updated last year
- Indirect Syscall implementation to bypass userland NTAPIs hooking.☆84Updated last year
- Simple ETW unhook PoC. Overwrites NtTraceEvent opcode to disable ETW at Nt-function level.☆49Updated last year
- Shellcode capable of bypassing EAF / IAF mitigations☆25Updated 2 years ago