Simple project using syscalls (via SysWhispers2) to execute MessageBox shellcode.
☆76 · Nov 12, 2021 · Updated 4 years ago
Alternatives and similar repositories for SyscallsExample
Users that are interested in SyscallsExample are comparing it to the libraries listed below
- C# version of MDSec's ParallelSyscalls · ☆142 · Jan 9, 2022 · Updated 4 years ago
- Convert shellcode generated using pe_2_shellcode to cdb format. · ☆100 · Jan 18, 2022 · Updated 4 years ago
- Disable PPL via custom driver and dump lsass · ☆15 · Mar 13, 2021 · Updated 5 years ago
- x64 Assembly HalosGate direct System Caller to evade EDR UserLand hooks · ☆236 · Mar 8, 2023 · Updated 3 years ago
- LoadLibrary for offensive operations · ☆33 · Dec 14, 2021 · Updated 4 years ago
- C# Implementation of the Hell's Gate VX Technique · ☆216 · Jun 30, 2020 · Updated 5 years ago
- A novel technique to communicate between threads using the standard ETHREAD structure · ☆116 · Feb 27, 2021 · Updated 5 years ago
- LdrLoadDll Unhooking · ☆135 · Jan 16, 2022 · Updated 4 years ago
- Clone running process with ZwCreateProcess · ☆59 · Nov 8, 2020 · Updated 5 years ago
- Cobalt Strike BOF that uses a custom ASM HalosGate & HellsGate syscaller to return a list of processes · ☆107 · Mar 8, 2023 · Updated 3 years ago
- C# porting of SysWhispers2. It uses SharpASM to find the code caves for executing the system call stub. · ☆111 · Apr 14, 2023 · Updated 2 years ago
- AV/EDR evasion via direct system calls. · ☆1,797 · Sep 3, 2022 · Updated 3 years ago
- Custom implementation of DbgHelp's MiniDumpWriteDump function. Uses static syscalls to replace low-level functions like NtReadVirtualMemo… · ☆127 · Jan 18, 2022 · Updated 4 years ago
- A collection of scripts used to support an OffSecOps pipeline. · ☆15 · Jan 31, 2021 · Updated 5 years ago
- ☆18 · Apr 4, 2019 · Updated 6 years ago
- A list of all the DLLs export in C:\windows\system32\ · ☆221 · Dec 22, 2021 · Updated 4 years ago
- ☆51 · Sep 18, 2020 · Updated 5 years ago
- C++ WinRM API via Reflective DLL · ☆145 · Sep 11, 2021 · Updated 4 years ago
- ☆118 · Aug 7, 2022 · Updated 3 years ago
- A fake AMSI Provider which can be used for persistence. · ☆156 · May 16, 2021 · Updated 4 years ago
- ☆44 · Oct 16, 2023 · Updated 2 years ago
- .NET implementation of Cobalt Strike's External C2 Spec · ☆89 · Nov 12, 2021 · Updated 4 years ago
- You shall pass · ☆270 · Jul 16, 2022 · Updated 3 years ago
- Remove API hooks from a Beacon process. · ☆282 · Sep 18, 2021 · Updated 4 years ago
- Macro-Enabled Excel File Generator (.xlsm) using the EPPlus Library. · ☆148 · Sep 7, 2020 · Updated 5 years ago
- Various tools, PoCs and experiments related to my blog at https://www.forrest-orr.net/ · ☆41 · Jul 22, 2021 · Updated 4 years ago
- Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) via Syswhispers2 · ☆186 · Jul 21, 2022 · Updated 3 years ago
- ☆14 · Jan 7, 2022 · Updated 4 years ago
- SharpASM is a C# project that aims to automate ASM (i.e. shellcode) execution in .NET programs by exploiting code caves in RWX sections a… · ☆59 · May 23, 2022 · Updated 3 years ago
- This project is created for research into antivirus evasion by unhooking. · ☆18 · Sep 2, 2021 · Updated 4 years ago
- Yet another variant of Process Hollowing · ☆460 · Jul 31, 2025 · Updated 7 months ago
- A faithful transposition of the key features/functionality of @itm4n's PPLDump project as a BOF. · ☆143 · Sep 24, 2021 · Updated 4 years ago
- ☆26 · May 22, 2021 · Updated 4 years ago
- A kernel mode Windows rootkit in development. · ☆49 · Dec 31, 2021 · Updated 4 years ago
- Simple PoC demonstrating syscall execution in C# · ☆156 · Apr 30, 2020 · Updated 5 years ago
- ☆12 · Sep 29, 2021 · Updated 4 years ago
- A tool for converting SysWhispers2 syscalls for use with Nim projects · ☆125 · Dec 22, 2021 · Updated 4 years ago
- Pseudorandom AES-256 encryption designed to protect shellcode and arbitrary strings. C# and C/C++ compatible. · ☆102 · Jan 7, 2022 · Updated 4 years ago
- ☆170 · Jan 7, 2022 · Updated 4 years ago