nothingspecialforu / EvtPsstLinks
EvtPsst
☆55Updated last year
Alternatives and similar repositories for EvtPsst
Users that are interested in EvtPsst are comparing it to the libraries listed below
Sorting:
- ☆60Updated last year
- A pure C version of SymProcAddress☆29Updated last year
- miscellaneous codes☆34Updated 2 years ago
- Adaptive DLL hijacking / dynamic export forwarding - EAT preserve☆78Updated last year
- Section-based payload obfuscation technique for x64☆64Updated last year
- ☆47Updated 2 years ago
- A more reliable way of resolving syscall numbers in Windows☆52Updated last year
- ☆58Updated 11 months ago
- in-process powershell runner for BRC4☆47Updated last year
- ☆77Updated last year
- malleable profile generator GUI for Havoc☆55Updated 2 years ago
- a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless☆39Updated last year
- DLL Unlinking from InLoadOrderModuleList, InMemoryOrderModuleList, InInitializationOrderModuleList, and LdrpHashTable☆57Updated last year
- Just another ntdll unhooking using Parun's Fart technique☆75Updated 2 years ago
- ☆36Updated last year
- Indirect Syscall implementation to bypass userland NTAPIs hooking.☆84Updated last year
- yet another sleep encryption thing. also used the default github repo name for this one.☆69Updated 2 years ago
- Demoting PPL anti-malware services to less than a guest user☆63Updated 8 months ago
- 「⚙️」Detect which native Windows API's (NtAPI) are being hooked☆38Updated 9 months ago
- Small tool to play with IOCs caused by Imageload events☆42Updated 2 years ago
- Find DLLs with RWX section☆81Updated 2 years ago
- Sample Rust Hooking Engine☆36Updated last year
- Work, timer, and wait callback example using solely Native Windows APIs.☆89Updated last year
- Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.☆14Updated 2 years ago
- BOF for C2 framework☆43Updated 10 months ago
- Splitting and executing shellcode across multiple pages☆103Updated 2 years ago
- Some of the presentations, workshops, and labs I gave at public conferences.☆34Updated 3 weeks ago
- This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)☆52Updated last year
- Select any exported function in a dll as the new dll's entry point.☆82Updated 11 months ago
- Linux Sleep Obfuscation☆106Updated last year