passthehashbrowns / hook-integrity-checksView external linksLinks
☆24May 28, 2021Updated 4 years ago
Alternatives and similar repositories for hook-integrity-checks
Users that are interested in hook-integrity-checks are comparing it to the libraries listed below
Sorting:
- ☆42Apr 22, 2021Updated 4 years ago
- LoadLibrary for offensive operations☆33Dec 14, 2021Updated 4 years ago
- It stinks☆105Apr 22, 2022Updated 3 years ago
- My experience using Windows API for offensive purposes☆17Jul 10, 2021Updated 4 years ago
- ☆31Aug 23, 2020Updated 5 years ago
- Userland API Unhooker Project☆110Jun 14, 2021Updated 4 years ago
- A fork of https://github.com/SafeBreach-Labs/pinjectra with a practical implementation of Stack Bombing☆29Oct 22, 2020Updated 5 years ago
- A Practical example of ELAM (Early Launch Anti-Malware)☆36Nov 12, 2021Updated 4 years ago
- A repository filled with ideas to break/detect direct syscall techniques☆27Apr 21, 2022Updated 3 years ago
- Antivirus Emulator Fingerprints☆30Oct 12, 2018Updated 7 years ago
- Append a custom data payload to a digitally signed NSIS .exe installer☆24Jan 11, 2023Updated 3 years ago
- A tool to create COM class/interface relationships in neo4j☆50Oct 12, 2022Updated 3 years ago
- A collection of scripts used to support an OffSecOps pipeline.☆14Jan 31, 2021Updated 5 years ago
- A BOF to interact with COM objects associated with the Windows software firewall.☆109Oct 10, 2021Updated 4 years ago
- Perun's Fart (Slavic God's Luck). Another method for unhooking AV and EDR, this is my C# version.☆117Dec 26, 2021Updated 4 years ago
- Load .net assemblies from memory while having them appear to be loaded from an on-disk location.☆173May 5, 2021Updated 4 years ago
- ☆14Nov 29, 2021Updated 4 years ago
- Modifies machine.config for persistence after installing signed .net assembly onto GAC☆13Mar 17, 2022Updated 3 years ago
- A BOF for enumerating version information for DLLs associated for a Beacon process.☆16Nov 23, 2021Updated 4 years ago
- A Docker container used to easily compile Nim binaries generated by my tools (NimPackt and NimPlant)☆16Aug 31, 2023Updated 2 years ago
- A novel technique to communicate between threads using the standard ETHREAD structure☆115Feb 27, 2021Updated 4 years ago
- Hiding your process in ProcessHacker,Task Manager,etc by patching NtQuerySystemInformation☆88Apr 20, 2021Updated 4 years ago
- A rust based DLL injection project☆31Sep 18, 2022Updated 3 years ago
- Proof of concept - Covert Channel using Windows Filtering Platform (C#)☆21Aug 29, 2021Updated 4 years ago
- Building and Executing Position Independent Shellcode from Object Files in Memory☆166Jan 30, 2021Updated 5 years ago
- Get your data from the resource section manually, with no need for windows apis☆67Oct 22, 2024Updated last year
- ☆101Aug 23, 2021Updated 4 years ago
- ☆37Dec 27, 2021Updated 4 years ago
- ☆44Oct 16, 2023Updated 2 years ago
- Disable PPL via custom driver and dump lsass☆15Mar 13, 2021Updated 4 years ago
- Hooking Heavens Gate in a weekend☆13Jan 1, 2022Updated 4 years ago
- A PoC executing shellcode in Dart☆17Jun 28, 2022Updated 3 years ago
- LittleCorporal: A C# Automated Maldoc Generator☆229Jul 30, 2021Updated 4 years ago
- Service Enumeration C# .NET Assembly☆59Sep 14, 2021Updated 4 years ago
- Windows (ShadowMove) Socket Duplication☆87Apr 19, 2020Updated 5 years ago
- A modified RunPE (process hollowing) technique avoiding the usage of SetThreadContext by appending a TLS section which calls the original…☆97Sep 26, 2019Updated 6 years ago
- A proof-of-concept tool that attempts to retrieve the configuration from the memory dump of an F-Secure C3 Relay executable.☆18Jul 2, 2021Updated 4 years ago
- Designed to learn OS specific anti-emulation patterns by fuzzing the Windows API.☆99Jul 7, 2020Updated 5 years ago
- Collection of CobaltStrike beacon object files☆105Feb 14, 2022Updated 3 years ago