☆12Jul 2, 2023Updated 2 years ago
Alternatives and similar repositories for DirectSysCall
Users that are interested in DirectSysCall are comparing it to the libraries listed below
Sorting:
- ☆18May 6, 2023Updated 2 years ago
- Threadless Injection Payload Toolkit☆12Oct 12, 2023Updated 2 years ago
- Windows Service with the implementation of the Process hollowing technique to run shellcode☆14Jul 20, 2023Updated 2 years ago
- A small example of loading BOFs in Python with pure reflection☆19Jan 26, 2023Updated 3 years ago
- idk man this was the default github name☆35Apr 23, 2023Updated 2 years ago
- example using NtCreateUserProcess in rust☆19Jan 20, 2025Updated last year
- BOF for C2 framework☆44Nov 9, 2024Updated last year
- Neuviks Terraform Red Team Workshop☆14Aug 10, 2025Updated 7 months ago
- Utility for hunting UAC bypasses or COM/DLL hijacks that alerts on the exported function that was consumed.☆40Feb 25, 2023Updated 3 years ago
- Find DLLs with RWX section☆79Jul 3, 2023Updated 2 years ago
- A more reliable way of resolving syscall numbers in Windows☆54Feb 12, 2024Updated 2 years ago
- Collection of self-made Red Team tools that have come in handy☆12Aug 25, 2024Updated last year
- Self Delete DLL☆22Feb 15, 2024Updated 2 years ago
- ☆15Aug 17, 2023Updated 2 years ago
- A framework for backdooring Microsoft Nuget packages.☆10Jan 9, 2024Updated 2 years ago
- Modifies machine.config for persistence after installing signed .net assembly onto GAC☆13Mar 17, 2022Updated 4 years ago
- A VSCode devcontainer for development of COFF files with batteries included.☆50Jul 10, 2023Updated 2 years ago
- ☆31Jul 26, 2024Updated last year
- A simple example on how to initiate a direct syscall on WoW64☆12Feb 2, 2018Updated 8 years ago
- ☆61Jan 9, 2023Updated 3 years ago
- ☆14Sep 26, 2023Updated 2 years ago
- Watches the Downloads folder for any new files and inserts it into Nemesis for analysis.☆15Feb 29, 2024Updated 2 years ago
- A python port of CCob's ThreadlessInject☆25Mar 18, 2023Updated 3 years ago
- Code for blog written at 0xdarkvortex.dev Red Team TTPs Part 2☆19Oct 8, 2020Updated 5 years ago
- ☆12Jun 22, 2022Updated 3 years ago
- ☆37Feb 11, 2023Updated 3 years ago
- ☆23Jul 28, 2023Updated 2 years ago
- early cascade injection PoC based on Outflanks blog post, in rust☆62Nov 8, 2024Updated last year
- A CPU Backdoor. Phrack 72☆15Dec 4, 2025Updated 3 months ago
- yet another sleep encryption thing. also used the default github repo name for this one.☆69May 11, 2023Updated 2 years ago
- Are you forwarding DNS traffic to another server for some reason, but want to make sure only queries for certain names are passed? Say no…☆20Oct 16, 2022Updated 3 years ago
- A dotnet executable to get an Entra token in an authenticated runtime☆17Oct 30, 2024Updated last year
- Just another version of the custom stack call from Proxy-Function-Calls-For-ETwTI☆34Mar 17, 2023Updated 3 years ago
- BadExclusions is a tool to identify folder custom or undocumented exclusions on AV/EDR☆21Feb 8, 2024Updated 2 years ago
- Self delete DLL (2)☆14Feb 15, 2024Updated 2 years ago
- Payload for DLL sideloading of the OneDriveUpdater.exe, based on the PaloAltoNetwork Unit42's blog post☆99Oct 13, 2022Updated 3 years ago
- DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly☆63Mar 19, 2024Updated 2 years ago
- Small tool to play with IOCs caused by Imageload events☆44May 14, 2023Updated 2 years ago
- .NET profiler DLL loading can be abused to make a legit .NET application load a malicious DLL using environment variables. This exploit i…☆46Jul 29, 2024Updated last year