Dirty PoC on how to abuse S1's VEH for Vectored Syscalls and Local Execution
☆43Oct 11, 2025Updated 4 months ago
Alternatives and similar repositories for SentinelBruh
Users that are interested in SentinelBruh are comparing it to the libraries listed below
Sorting:
- A rust proof of concept to demonstrate registry overwriting via RegRestoreKey using the Offline Registry Library☆24Nov 13, 2025Updated 3 months ago
- Dumping LSA secrets: a story about task decorrelation☆14Jul 9, 2024Updated last year
- A modern Rust implementation of the original Stardust project, providing a sophisticated 32/64-bit shellcode template that features posit…☆59Mar 17, 2025Updated 11 months ago
- ☆108Aug 21, 2024Updated last year
- Loads NTDLL, parses the PE file, extracts "Zw" functions, retrieves their System Service Numbers (SSNs), and prints each function’s name,…☆15Apr 21, 2025Updated 10 months ago
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…☆283Sep 18, 2024Updated last year
- Generating legitimate call stack frame along with indirect syscalls by abusing Vectored Exception Handling (VEH) to bypass User-Land EDR …☆298Jul 31, 2024Updated last year
- A synergized Visual Studio and Rust development environment☆19Jan 25, 2025Updated last year
- Small driver that uses alternative syscalls feature (the project is still under development).☆18May 9, 2024Updated last year
- Hotkey-based keylogger for Windows☆32Oct 17, 2024Updated last year
- Bypass user-land hooks by syscall tampering via the Trap Flag☆139Aug 25, 2025Updated 6 months ago
- Mentally ill EtwTi parser☆68Jan 11, 2026Updated last month
- ☆86Jan 21, 2025Updated last year
- ☆22Jan 15, 2025Updated last year
- ☆139Jan 16, 2025Updated last year
- TypeLib persistence technique☆140Oct 22, 2024Updated last year
- Implementing an early exception handler for hooking and threadless process injection without relying on VEH or SEH☆137Aug 31, 2025Updated 6 months ago
- Windows User-Mode Shellcode Development Framework (WUMSDF)☆125Nov 17, 2025Updated 3 months ago
- ☆126Sep 1, 2024Updated last year
- Slides for COM Hijacking AV/EDR Talk on 38c3☆75Jan 3, 2025Updated last year
- A lexer and parser for Sleep☆20Feb 20, 2026Updated last week
- Parses cached certificate templates from a Windows Registry file and displays them in the same style as Certipy does☆95Jul 3, 2025Updated 7 months ago
- ☆58Feb 19, 2026Updated last week
- A reflective DLL development template for the Rust programming language☆114Nov 4, 2025Updated 3 months ago
- One-header configurable C++20 COFF loader☆21Jul 21, 2025Updated 7 months ago
- ☆17Sep 17, 2025Updated 5 months ago
- Bypass Credential Guard by patching WDigest.dll using only NTAPI functions☆266Apr 8, 2025Updated 10 months ago
- Call Stack Spoofing for Rust☆210Jan 28, 2026Updated last month
- Evasion by machine code de-optimization.☆418Jul 22, 2024Updated last year
- Evasive shellcode loader☆400Oct 17, 2024Updated last year
- Using the peculiar behaviour of the VPGATHER instructions to determine if an address will fault before it is truly accessed. All done in …☆54Dec 30, 2025Updated 2 months ago
- early cascade injection PoC based on Outflanks blog post☆237Nov 7, 2024Updated last year
- A Rust template for writing Beacon Object Files (BOFs)☆100Feb 11, 2026Updated 2 weeks ago
- Rust template/library for implementing your own COFF loader☆72Jan 27, 2025Updated last year
- Process Injection using Thread Name☆299Apr 18, 2025Updated 10 months ago
- RPC to WebClient startup☆55Aug 19, 2025Updated 6 months ago
- Patches the AmsiScan function in clr.dll allowing for unrestricted assembly loading in .NET☆50May 5, 2025Updated 9 months ago
- early cascade injection PoC based on Outflanks blog post, in rust☆62Nov 8, 2024Updated last year
- Beacon Object File (BOF) Template☆64Feb 6, 2026Updated 3 weeks ago