lleon1435 / birdnet-pocLinks
Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.
☆14Updated 2 years ago
Alternatives and similar repositories for birdnet-poc
Users that are interested in birdnet-poc are comparing it to the libraries listed below
Sorting:
- Adaptive DLL hijacking / dynamic export forwarding - EAT preserve☆78Updated last year
- Find DLLs with RWX section☆81Updated 2 years ago
- BOF for C2 framework☆43Updated 10 months ago
- A collection of position independent coding resources☆94Updated last week
- a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless☆39Updated last year
- Impersonate Tokens using only NTAPI functions☆80Updated 5 months ago
- Section-based payload obfuscation technique for x64☆64Updated last year
- Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.