passthehashbrowns / suspendedunhook
☆39Updated 3 years ago
Alternatives and similar repositories for suspendedunhook:
Users that are interested in suspendedunhook are comparing it to the libraries listed below
- Your NTDLL vaccine from modern direct syscall methods.☆35Updated 2 years ago
- Halos Gate-based NTAPI Unhooker☆51Updated 2 years ago
- Upsilon execute shellcode with syscalls - no API like NtProtectVirtualMemory is used☆93Updated 3 years ago
- Bypass UAC elevation on Windows 8 (build 9600) & above.☆54Updated 2 years ago
- A simple dumper as FreshyCalls' PoC. That's what's trendy, isn't it? ¯\_(ツ)_/¯☆40Updated 4 years ago
- API Hammering with C++20☆45Updated 2 years ago
- ☆43Updated last year
- A repository filled with ideas to break/detect direct syscall techniques☆27Updated 2 years ago
- ☆60Updated 3 years ago
- Windows x64 Process Injection via Ghostwriting with Dynamic Configuration☆29Updated 3 years ago
- A care package of useful bofs for red team engagments☆54Updated 3 months ago
- A BOF to parse the imports of a provided PE-file, optionally extracting symbols on a per-dll basis.☆85Updated 3 years ago
- Former Multi - Ring to Kernel To UserMode Transitional Shellcode For Remote Kernel Exploits☆28Updated 2 years ago
- yet another sleep encryption thing. also used the default github repo name for this one.☆70Updated last year
- An attempt to make a LoadLibrary designed for offensive operations, in C# obviously.☆55Updated 3 years ago
- Herpaderply Hollowing - a PE injection technique, hybrid between Process Hollowing and Process Herpaderping☆54Updated 2 years ago
- Execute shellcode with ZwCreateSection, ZwMapViewOfSection, ZwOpenProcess, ZwMapViewOfSection and ZwCreateThreadEx☆14Updated 3 years ago
- ☆14Updated 2 years ago
- ☆82Updated 7 months ago
- RDLL for Cobalt Strike beacon to silence sysmon process☆87Updated 2 years ago
- A method to execute shellcode using RegisterWaitForInputIdle API.☆52Updated last year
- A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies☆32Updated 2 years ago
- Beacon Object Files (not Buffer Overflows)☆53Updated 2 years ago
- ☆39Updated 2 years ago
- C code to enable ETW tracing for Dotnet Assemblies☆31Updated 2 years ago
- An example of COM hijacking using a proxy DLL.☆28Updated 3 years ago
- Beacon Object File allowing creation of Beacons in different sessions.☆79Updated 2 years ago
- Small tool to play with IOCs caused by Imageload events☆42Updated last year
- My implementation of Halo's Gate technique in C#☆54Updated 2 years ago
- This is my own implementation of the Perun's Fart technique by Sektor7☆68Updated 2 years ago