Remove API hooks from a Beacon process.
☆14Sep 18, 2021Updated 4 years ago
Alternatives and similar repositories for unhook-bof
Users that are interested in unhook-bof are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆25Jul 7, 2022Updated 3 years ago
- Quickly generate every payload type for each listener and optionally host via HTTP.☆22Aug 23, 2021Updated 4 years ago
- Single stub direct and indirect syscalling with runtime SSN resolving for windows.☆141Sep 12, 2022Updated 3 years ago
- A simple polymorphic engine☆21Jun 5, 2020Updated 5 years ago
- ☆24Apr 28, 2024Updated 2 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- A .NET 4.8 application to retrieve delivr.to emails from Microsoft Outlook via COM☆20Jul 19, 2025Updated 10 months ago
- Running .NET from VBA☆147Feb 11, 2023Updated 3 years ago
- Another Portable Executable files analysing stuff☆21May 28, 2011Updated 15 years ago
- ☆13Jul 24, 2022Updated 3 years ago
- Code for blog written at 0xdarkvortex.dev Red Team TTPs Part 2☆19Oct 8, 2020Updated 5 years ago
- An injector that aims to be stealthy by using non suspicious API calls. Inspired by (https://github.com/FuzzySecurity/Sharp-Suite/tree/ma…☆24Jun 17, 2020Updated 5 years ago
- NimicStack is the pure Nim implementation of Call Stack Spoofing technique to mimic legitimate programs☆96Apr 4, 2026Updated last month
- Managed code hooking template.☆135Nov 19, 2021Updated 4 years ago
- Windows Service with the implementation of the Process hollowing technique to run shellcode☆14Jul 20, 2023Updated 2 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- C# implementation of the token privilege removal flaw discovered by @GabrielLandau/Elastic☆143Feb 23, 2022Updated 4 years ago
- UnhookMe is an universal Windows API resolver & unhooker addressing problem of invoking unmonitored system calls from within of your Red …☆351Jul 3, 2022Updated 3 years ago
- Basic C# Project that will take an MSBuild payload and run it with MSBuild via ClickOnce.☆93Oct 24, 2020Updated 5 years ago
- ☆18Aug 19, 2021Updated 4 years ago
- Cobalt Strike BOF - Bypass AMSI in a remote process with code injection.☆48Dec 31, 2021Updated 4 years ago
- ☆28Aug 8, 2021Updated 4 years ago
- MSBuild without MSbuild.exe☆135Dec 21, 2020Updated 5 years ago
- Remove API hooks from a Beacon process.☆284Sep 18, 2021Updated 4 years ago
- Beacon Object File PoC implementation of KillDefender☆234Apr 12, 2022Updated 4 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- ☆45Oct 16, 2023Updated 2 years ago
- Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of …☆15Jan 9, 2019Updated 7 years ago
- A C# Tool to gather information about email breaches☆16Dec 21, 2023Updated 2 years ago
- Project to use Golang inside C#☆81Jun 5, 2020Updated 5 years ago
- This repo hosts a poc of how to execute F# code within an unmanaged process☆70Jun 25, 2024Updated last year
- An all-in-one Cobalt Strike BOF to patch, check and revert AMSI and ETW for x64 process. Both syscalls and dynamic resolve versions are a…☆142Oct 1, 2022Updated 3 years ago
- Proof of Concept for EFSRPC Arbitrary File Upload (CVE-2021-43893)☆64Feb 14, 2022Updated 4 years ago
- Self delete DLL (2)☆14Feb 15, 2024Updated 2 years ago
- Hardened Proof of Concept of D/Invoke Process Injection malware☆42Jul 23, 2020Updated 5 years ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro…☆26May 19, 2022Updated 4 years ago
- Proof of Concept code and samples presenting emerging threat of MSI installer files.☆91Dec 15, 2022Updated 3 years ago
- Executables on Disk? Bleh 🤮☆115May 11, 2023Updated 3 years ago
- A set of commands to bypass Defender (and some other AVs)☆20Jul 25, 2019Updated 6 years ago
- WiFi arsenal☆17May 19, 2020Updated 6 years ago
- It stinks☆102Apr 22, 2022Updated 4 years ago
- one-time use token phishing toolkit☆12May 30, 2020Updated 5 years ago