mannyfred/SentinelBruh

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/mannyfred/SentinelBruh)

mannyfred / SentinelBruh

Dirty PoC on how to abuse S1's VEH for Vectored Syscalls and Local Execution

☆44

Alternatives and similar repositories for SentinelBruh

Users that are interested in SentinelBruh are comparing it to the libraries listed below

Sorting:

preludeorg / Regstoration
View on GitHub
A rust proof of concept to demonstrate registry overwriting via RegRestoreKey using the Offline Registry Library
☆24Nov 13, 2025Updated 4 months ago
KiExitDispatcher / SsnRetrieval
View on GitHub
Loads NTDLL, parses the PE file, extracts "Zw" functions, retrieves their System Service Numbers (SSNs), and prints each function’s name,…
☆15Apr 21, 2025Updated 11 months ago
passthehashbrowns / VectoredExceptionHandling
View on GitHub
☆108Aug 21, 2024Updated last year
JayGLXR / Rusty-Stardust
View on GitHub
A modern Rust implementation of the original Stardust project, providing a sophisticated 32/64-bit shellcode template that features posit…
☆59Mar 17, 2025Updated last year
WKL-Sec / LayeredSyscall
View on GitHub
Generating legitimate call stack frame along with indirect syscalls by abusing Vectored Exception Handling (VEH) to bypass User-Land EDR …
☆301Jul 31, 2024Updated last year
kr0tt / EarlyExceptionHandling
View on GitHub
Implementing an early exception handler for hooking and threadless process injection without relying on VEH or SEH
☆140Aug 31, 2025Updated 6 months ago
JanielDary / ImmoralFiber
View on GitHub
Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…
☆283Sep 18, 2024Updated last year
Cobaltlad / LSA_reg2PDF
View on GitHub
Dumping LSA secrets: a story about task decorrelation
☆14Jul 9, 2024Updated last year
xforcered / Being-A-Good-CLR-Host
View on GitHub
☆139Jan 16, 2025Updated last year
JoasASantos / PhantomsGate
View on GitHub
PhantomsGate: Advanced Shellcode Injection Technique
☆27Jul 15, 2024Updated last year
Maldev-Academy / TrapFlagForSyscalling
View on GitHub
Bypass user-land hooks by syscall tampering via the Trap Flag
☆139Aug 25, 2025Updated 6 months ago
r0keb / MunIntel
View on GitHub
kASLR bypass technique on Intel CPUs.
☆32May 18, 2025Updated 10 months ago
Octoberfest7 / enumhandles_BOF
View on GitHub
☆126Sep 1, 2024Updated last year
dr4ndrei / OHFFLdr
View on GitHub
One-header configurable C++20 COFF loader
☆21Jul 21, 2025Updated 8 months ago
CICADA8-Research / TypeLibWalker
View on GitHub
TypeLib persistence technique
☆141Oct 22, 2024Updated last year
cpu0x00 / Ghost
View on GitHub
Evasive shellcode loader
☆400Oct 17, 2024Updated last year
winterknife / SILVERPICK
View on GitHub
Windows User-Mode Shellcode Development Framework (WUMSDF)
☆129Nov 17, 2025Updated 4 months ago
xsh3llsh0ck / PicoHook
View on GitHub
Small driver that uses alternative syscalls feature
☆18May 9, 2024Updated last year
mannyfred / MentalTi
View on GitHub
Mentally ill EtwTi parser
☆69Jan 11, 2026Updated 2 months ago
EvanMcBroom / sleepy
View on GitHub
A lexer and parser for Sleep
☆20Feb 20, 2026Updated last month
0xTriboulet / Abomination
View on GitHub
A synergized Visual Studio and Rust development environment
☆19Jan 25, 2025Updated last year
0xTriboulet / rdll-rs
View on GitHub
A reflective DLL development template for the Rust programming language
☆116Nov 4, 2025Updated 4 months ago
yo-yo-yo-jbo / hotkeyz
View on GitHub
Hotkey-based keylogger for Windows
☆33Oct 17, 2024Updated last year
bitdefender / hypervinject-poc
View on GitHub
☆59Feb 19, 2026Updated last month
ricardojoserf / NativeBypassCredGuard
View on GitHub
Bypass Credential Guard by patching WDigest.dll using only NTAPI functions
☆268Apr 8, 2025Updated 11 months ago
C5Hackr / ARM64_AmsiPatch
View on GitHub
☆21Jan 8, 2026Updated 2 months ago
hasherezade / thread_namecalling
View on GitHub
Process Injection using Thread Name
☆307Apr 18, 2025Updated 11 months ago
Cracked5pider / earlycascade-injection
View on GitHub
early cascade injection PoC based on Outflanks blog post
☆239Nov 7, 2024Updated last year
Peribunt / VPGATHER
View on GitHub
Using the peculiar behaviour of the VPGATHER instructions to determine if an address will fault before it is truly accessed. All done in …
☆55Dec 30, 2025Updated 2 months ago
joaoviictorti / uwd
View on GitHub
Call Stack Spoofing for Rust
☆212Jan 28, 2026Updated last month
vulnableone / BypassX
View on GitHub
The Swiss army knife of evasion tool that bypasses AMSI, Applocker, and CLM mode simultaneously.
☆27Mar 9, 2024Updated 2 years ago
outflanknl / nix_bof_template
View on GitHub
Beacon Object File (BOF) Template
☆66Mar 9, 2026Updated last week
EgeBalci / deoptimizer
View on GitHub
Evasion by machine code de-optimization.
☆418Jul 22, 2024Updated last year
internetangel / OffensiveD
View on GitHub
Utilizing DLang For Offensive Operations.
☆14May 29, 2025Updated 9 months ago
Tylous / Dent
View on GitHub
A framework for creating COM-based bypasses utilizing vulnerabilities in Microsoft's WDAPT sensors.
☆15Apr 4, 2023Updated 2 years ago
backdoorskid / ClrAmsiScanPatcher
View on GitHub
Patches the AmsiScan function in clr.dll allowing for unrestricted assembly loading in .NET
☆51May 5, 2025Updated 10 months ago
Octoberfest7 / zip_smuggling
View on GitHub
Python3 utility for creating zip files that smuggle additional data for later extraction
☆267May 15, 2025Updated 10 months ago
KiExitDispatcher / PhantomDelay
View on GitHub
PhantomDelay is a precise delay function that uses the Windows high resolution performance counter to pause your program for a specified …
☆19May 8, 2025Updated 10 months ago
KiExitDispatcher / Powershell-Persistance
View on GitHub
Whenever PowerShell is launched, Notepad will also open. You can customize the script for educational purposes, but I emphasize that I do…
☆12Apr 21, 2025Updated 11 months ago