Implementation of Indirect Syscall technique to pop a calc.exe
☆113Jan 25, 2024Updated 2 years ago
Alternatives and similar repositories for SyscallMeMaybe
Users that are interested in SyscallMeMaybe are comparing it to the libraries listed below
Sorting:
- Execute shellcode files with rundll32☆216Jan 28, 2024Updated 2 years ago
- Modify managed functions from unmanaged code☆53Feb 1, 2024Updated 2 years ago
- Source generator to add D/Invoke and indirect syscall methods to a C# project.☆190Mar 4, 2024Updated last year
- Enable or Disable TokenPrivilege(s)☆15May 17, 2024Updated last year
- Dump Lsass Memory Using a Reflective Dll☆14Feb 4, 2022Updated 4 years ago
- C++ self-Injecting dropper based on various EDR evasion techniques.☆427Feb 11, 2024Updated 2 years ago
- A variation of ProcessOverwriting to execute shellcode on an executable's section☆148Dec 16, 2023Updated 2 years ago
- Work, timer, and wait callback example using solely Native Windows APIs.☆88Feb 11, 2024Updated 2 years ago
- An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layer☆539Feb 13, 2024Updated 2 years ago
- C++ Staged Shellcode Loader with Evasion capabilities.☆95Oct 7, 2024Updated last year
- Leverage a legitimate WFP callout driver to prevent EDR agents from sending telemetry☆458Aug 2, 2024Updated last year
- This repository implements Threadless Injection in C☆172Dec 23, 2023Updated 2 years ago
- Bypassing UAC with SSPI Datagram Contexts☆461Sep 24, 2023Updated 2 years ago
- Reflective DLL to privesc from NT Service to SYSTEM using SeImpersonateToken privilege☆225Nov 23, 2023Updated 2 years ago
- Utilizing TLS callbacks to execute a payload without spawning any threads in a remote process☆287Jan 21, 2024Updated 2 years ago
- RDPCredentialStealer it's a malware that steal credentials provided by users in RDP using API Hooking with Detours in C++☆260Jun 14, 2023Updated 2 years ago
- Use hardware breakpoint to dynamically change SSN in run-time☆279Apr 10, 2024Updated last year
- DLL Unlinking from InLoadOrderModuleList, InMemoryOrderModuleList, InInitializationOrderModuleList, and LdrpHashTable☆59Dec 15, 2023Updated 2 years ago
- ROP-based sleep obfuscation to evade memory scanners☆376Jun 22, 2025Updated 8 months ago
- ☆120Jan 30, 2024Updated 2 years ago
- Your NTDLL vaccine from modern direct syscall methods.☆36Apr 5, 2022Updated 3 years ago
- ☆121Nov 21, 2024Updated last year
- Generic PE loader for fast prototyping evasion techniques☆244Jul 2, 2024Updated last year
- AV bypass while you sip your Chai!☆224May 17, 2024Updated last year
- A basic emulation of an "RPC Backdoor"☆242Aug 25, 2022Updated 3 years ago
- Embedder is a collection of sources in different languages to embed Python interpreter with minimal dependencies☆122May 29, 2024Updated last year
- MultiDump is a post-exploitation tool for dumping and extracting LSASS memory discreetly.☆537Nov 14, 2025Updated 3 months ago
- Dynamically convert an unmanaged EXE or DLL file to PIC shellcode by prepending a shellcode stub.☆325Apr 12, 2024Updated last year
- A beacon object file implementation of PoolParty Process Injection Technique.☆433Dec 21, 2023Updated 2 years ago
- A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.☆203Dec 27, 2023Updated 2 years ago
- A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.☆409Jan 11, 2026Updated last month
- ShadowForge Command & Control - Harnessing the power of Zoom's API, control a compromised Windows Machine from your Zoom Chats.☆52Jul 15, 2023Updated 2 years ago
- Enumerate SSN (System Service Numbers or Syscall ID) and syscall instruction address in ntdll module by parsing the PEB of the current pr…☆21Jan 28, 2024Updated 2 years ago
- A C# Tool to gather information about email breaches☆16Dec 21, 2023Updated 2 years ago
- An implementation of an indirect system call☆132Aug 25, 2023Updated 2 years ago
- For when DLLMain is the only way☆424Oct 29, 2024Updated last year
- A more reliable way of resolving syscall numbers in Windows☆55Feb 12, 2024Updated 2 years ago
- ☆60Dec 15, 2023Updated 2 years ago
- .NET assembly loader with patchless AMSI and ETW bypass☆368Apr 19, 2023Updated 2 years ago