nothingspecialforu / EvtPsstView external linksLinks
EvtPsst
☆55Oct 24, 2023Updated 2 years ago
Alternatives and similar repositories for EvtPsst
Users that are interested in EvtPsst are comparing it to the libraries listed below
Sorting:
- yet another sleep encryption thing. also used the default github repo name for this one.☆69May 11, 2023Updated 2 years ago
- Windows 10 DLL Injector via Driver utilizing VAD and hiding the loaded driver☆54Oct 19, 2023Updated 2 years ago
- ☆61Dec 15, 2023Updated 2 years ago
- Work, timer, and wait callback example using solely Native Windows APIs.☆88Feb 11, 2024Updated 2 years ago
- a modified CONTEXT based ropchain to circumvent CFG-FindHiddenShellcode and EtwTi-FluctuationMonitor☆107Mar 25, 2024Updated last year
- Threadless Module Stomping In Rust with some features (In memory of those murdered in the Nova party massacre)☆258Jun 29, 2024Updated last year
- Identify and exploit leaked handles for local privilege escalation.☆111Jun 19, 2023Updated 2 years ago
- A work in progress BOF/COFF loader in Rust☆50Mar 22, 2023Updated 2 years ago
- Packer is a compact, fast and crosss-platform serialization library for store data in a buffer☆22Aug 5, 2023Updated 2 years ago
- powershell script i wrote that can suspend an arbitrary process (with limits)☆22Mar 26, 2023Updated 2 years ago
- ☆47Feb 11, 2023Updated 3 years ago
- A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress.☆72Mar 6, 2024Updated last year
- ☆122Oct 9, 2023Updated 2 years ago
- BOF for C2 framework☆44Nov 9, 2024Updated last year
- A collection of position independent coding resources☆107Nov 15, 2025Updated 3 months ago
- ECC Public Key Cryptography☆37Oct 29, 2023Updated 2 years ago
- ☆164Dec 30, 2022Updated 3 years ago
- A nim port of C5pider's Ekko project.☆17Oct 1, 2022Updated 3 years ago
- Classic Process Injection with Memory Evasion Techniques implemantation☆72Oct 28, 2023Updated 2 years ago
- A PoC for adding NtContinue to CFG allowed list in order to make Ekko work in a CFG protected process☆113Aug 29, 2022Updated 3 years ago
- A variation of ProcessOverwriting to execute shellcode on an executable's section☆148Dec 16, 2023Updated 2 years ago
- A mechanism that trampoline hooks functions in x86/x64 systems.☆21Oct 9, 2024Updated last year
- some AV / EDR / analysis studies☆10May 21, 2023Updated 2 years ago
- Shellcode Loader Implementing Indirect Dynamic Syscall , API Hashing, Fileless Shellcode retrieving using Winsock2☆293Jul 15, 2023Updated 2 years ago
- DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly☆63Mar 19, 2024Updated last year
- Single stub direct and indirect syscalling with runtime SSN resolving for windows.☆139Sep 12, 2022Updated 3 years ago
- A Dropper POC with a focus on aiding in EDR evasion, NTDLL Unhooking followed by loading ntdll in-memory, which is present as shellcode (…☆180Feb 10, 2023Updated 3 years ago
- For when DLLMain is the only way☆423Oct 29, 2024Updated last year
- DLL Unlinking from InLoadOrderModuleList, InMemoryOrderModuleList, InInitializationOrderModuleList, and LdrpHashTable☆59Dec 15, 2023Updated 2 years ago
- Demonstration of Early Bird APC Injection - MITRE ID T1055.004☆35Oct 31, 2023Updated 2 years ago
- It's what all the kids are talking about☆12Apr 25, 2023Updated 2 years ago
- Enable or Disable TokenPrivilege(s)☆15May 17, 2024Updated last year
- ☆162Oct 25, 2023Updated 2 years ago
- A small x64 library to load dll's into memory.☆455Nov 6, 2023Updated 2 years ago
- Detect EDR's exceptions by inspecting processes' loaded modules☆130Mar 15, 2024Updated last year
- a demo module for the kaine agent to execute and inject assembly modules☆41Aug 28, 2024Updated last year
- Using fibers to run in-memory code.☆240Oct 19, 2023Updated 2 years ago
- Hide memory artifacts using ROP and hardware breakpoints.☆147Oct 20, 2023Updated 2 years ago
- Detours implementation (x64/x86) which used only ntdll import☆90Oct 14, 2025Updated 4 months ago