rbmm / DirectSysCallLinks
☆12Updated 2 years ago
Alternatives and similar repositories for DirectSysCall
Users that are interested in DirectSysCall are comparing it to the libraries listed below
Sorting:
- ☆54Updated 2 years ago
- A simple Linux in-memory .so loader☆30Updated 2 years ago
- yet another sleep encryption thing. also used the default github repo name for this one.☆69Updated 2 years ago
- Self Delete DLL☆23Updated last year
- A simple PE loader.☆26Updated 2 years ago
- Hooked create process injection for meterpreter☆23Updated 4 years ago
- ☆25Updated 6 months ago
- Your NTDLL vaccine from modern direct syscall methods.☆35Updated 3 years ago
- Small tool to play with IOCs caused by Imageload events☆42Updated 2 years ago
- A work in progress BOF/COFF loader in Rust☆51Updated 2 years ago
- A class to emulate the behavior of NtQuerySystemInformation when passed the SystemHypervisorDetailInformation information class☆26Updated last year
- ☆48Updated 4 years ago
- RunPE adapted for x64 and written in C, does not use RWX☆27Updated last year
- example using NtCreateUserProcess in rust☆19Updated 7 months ago
- A bunch of shenanigans using functions, VEH and more☆32Updated 2 months ago
- A more reliable way of resolving syscall numbers in Windows☆53Updated last year
- idk man this was the default github name☆35Updated 2 years ago
- C code to enable ETW tracing for Dotnet Assemblies☆31Updated 3 years ago
- ☆35Updated 4 months ago
- miscellaneous codes☆35Updated last year
- BOF and C++ implementation of the Windows Defender sandboxing technique described by Elastic Security Labs/Gabriel Landau.☆24Updated 2 years ago
- A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies☆33Updated 2 years ago
- ☆28Updated 7 months ago
- An In-memory Embedding of CPython☆30Updated 4 years ago
- Giga-byte Control Center (GCC) is a software package designed for improved user experience of Gigabyte hardware, often found in gaming an…☆31Updated 2 years ago
- ☆41Updated 2 years ago
- Remap ntdll.dll using only NTAPI functions with a suspended process☆25Updated 4 months ago
- Load a dynamic library from memory using a fuse mount☆31Updated last year
- ☆47Updated 2 years ago
- ☆43Updated last year