Implementation of Indirect Syscall technique to pop a calc.exe
☆112Jan 25, 2024Updated 2 years ago
Alternatives and similar repositories for SyscallMeMaybe
Users that are interested in SyscallMeMaybe are comparing it to the libraries listed below
Sorting:
- Execute shellcode files with rundll32☆218Jan 28, 2024Updated 2 years ago
- Modify managed functions from unmanaged code☆53Feb 1, 2024Updated 2 years ago
- Enable or Disable TokenPrivilege(s)☆15May 17, 2024Updated last year
- Source generator to add D/Invoke and indirect syscall methods to a C# project.☆190Mar 4, 2024Updated 2 years ago
- Leverage a legitimate WFP callout driver to prevent EDR agents from sending telemetry☆460Aug 2, 2024Updated last year
- C++ self-Injecting dropper based on various EDR evasion techniques.☆426Feb 11, 2024Updated 2 years ago
- Reflective DLL to privesc from NT Service to SYSTEM using SeImpersonateToken privilege☆225Nov 23, 2023Updated 2 years ago
- C++ Staged Shellcode Loader with Evasion capabilities.☆96Oct 7, 2024Updated last year
- Dump Lsass Memory Using a Reflective Dll☆14Feb 4, 2022Updated 4 years ago
- An implementation of an indirect system call☆132Aug 25, 2023Updated 2 years ago
- Bypassing UAC with SSPI Datagram Contexts☆465Sep 24, 2023Updated 2 years ago
- An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layer☆542Feb 13, 2024Updated 2 years ago
- Utilizing TLS callbacks to execute a payload without spawning any threads in a remote process☆287Jan 21, 2024Updated 2 years ago
- A variation of ProcessOverwriting to execute shellcode on an executable's section☆148Dec 16, 2023Updated 2 years ago
- This repository implements Threadless Injection in C☆172Dec 23, 2023Updated 2 years ago
- ☆121Nov 21, 2024Updated last year
- Loads NTDLL, parses the PE file, extracts "Zw" functions, retrieves their System Service Numbers (SSNs), and prints each function’s name,…☆15Apr 21, 2025Updated 10 months ago
- Work, timer, and wait callback example using solely Native Windows APIs.☆88Feb 11, 2024Updated 2 years ago
- AV bypass while you sip your Chai!☆223May 17, 2024Updated last year
- A beacon object file implementation of PoolParty Process Injection Technique.☆436Dec 21, 2023Updated 2 years ago
- A basic emulation of an "RPC Backdoor"☆242Aug 25, 2022Updated 3 years ago
- RDPCredentialStealer it's an implant that steal credentials provided by users in RDP using API Hooking with Detours in C++☆263Mar 11, 2026Updated last week
- A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.☆204Dec 27, 2023Updated 2 years ago
- Embedder is a collection of sources in different languages to embed Python interpreter with minimal dependencies☆123May 29, 2024Updated last year
- Webshell agent in aspx and php☆27Dec 11, 2025Updated 3 months ago
- Dynamically convert an unmanaged EXE or DLL file to PIC shellcode by prepending a shellcode stub.☆326Apr 12, 2024Updated last year
- ROP-based sleep obfuscation to evade memory scanners☆379Jun 22, 2025Updated 8 months ago
- Use hardware breakpoint to dynamically change SSN in run-time☆280Apr 10, 2024Updated last year
- HWSyscalls is a new method to execute indirect syscalls using HWBP, HalosGate and a synthetic trampoline on kernel32 with HWBP.☆719Jul 19, 2023Updated 2 years ago
- MultiDump is a post-exploitation tool for dumping and extracting LSASS memory discreetly.☆538Nov 14, 2025Updated 4 months ago
- Generic PE loader for fast prototyping evasion techniques☆245Jul 2, 2024Updated last year
- For when DLLMain is the only way☆424Oct 29, 2024Updated last year
- ☆119Jan 30, 2024Updated 2 years ago
- A sophisticated, covert Windows-based credential dumper using C++ and MASM x64.☆444Jul 8, 2024Updated last year
- Performing Indirect Clean Syscalls☆605Apr 19, 2023Updated 2 years ago
- A C# Tool to gather information about email breaches☆16Dec 21, 2023Updated 2 years ago
- Your NTDLL vaccine from modern direct syscall methods.☆36Apr 5, 2022Updated 3 years ago
- ☆22Dec 30, 2025Updated 2 months ago
- Remotely Enumerate sessions using undocumented Windows Station APIs☆117Aug 21, 2024Updated last year