Simple project using syscalls (via Syswhispers2) to execute MessageBox shellcode.
☆76Nov 12, 2021Updated 4 years ago
Alternatives and similar repositories for SyscallsExample
Users that are interested in SyscallsExample are comparing it to the libraries listed below
Sorting:
- C# version of MDSec's ParallelSyscalls☆141Jan 9, 2022Updated 4 years ago
- A novel technique to communicate between threads using the standard ETHREAD structure☆116Feb 27, 2021Updated 5 years ago
- C# Implementation of the Hell's Gate VX Technique☆216Jun 30, 2020Updated 5 years ago
- ☆18Apr 4, 2019Updated 6 years ago
- Convert shellcode generated using pe_2_shellcode to cdb format.☆100Jan 18, 2022Updated 4 years ago
- x64 Assembly HalosGate direct System Caller to evade EDR UserLand hooks☆235Mar 8, 2023Updated 2 years ago
- ☆26May 22, 2021Updated 4 years ago
- Macro-Enabled Excel File Generator (.xlsm) using the EPPlus Library.☆148Sep 7, 2020Updated 5 years ago
- A collection of scripts used to support an OffSecOps pipeline.☆15Jan 31, 2021Updated 5 years ago
- Custom implementation of DbgHelp's MiniDumpWriteDump function. Uses static syscalls to replace low-level functions like NtReadVirtualMemo…☆127Jan 18, 2022Updated 4 years ago
- LdrLoadDll Unhooking☆135Jan 16, 2022Updated 4 years ago
- LoadLibrary for offensive operations☆33Dec 14, 2021Updated 4 years ago
- ☆53Nov 11, 2021Updated 4 years ago
- Clone running process with ZwCreateProcess☆59Nov 8, 2020Updated 5 years ago
- ☆51Sep 18, 2020Updated 5 years ago
- Disable PPL via custom driver and dump lsass☆15Mar 13, 2021Updated 4 years ago
- A list of all the DLLs export in C:\windows\system32\☆221Dec 22, 2021Updated 4 years ago
- C++ WinRM API via Reflective DLL☆145Sep 11, 2021Updated 4 years ago
- Cobalt Strike BOF that uses a custom ASM HalosGate & HellsGate syscaller to return a list of processes☆108Mar 8, 2023Updated 2 years ago
- This repo hosts a poc of how to execute F# code within an unmanaged process☆70Jun 25, 2024Updated last year
- A faithful transposition of the key features/functionality of @itm4n's PPLDump project as a BOF.☆143Sep 24, 2021Updated 4 years ago
- the most basic DLL ever to pop a cmd.☆24Jul 11, 2020Updated 5 years ago
- Proof of concept - Covert Channel using Windows Filtering Platform (C#)☆21Aug 29, 2021Updated 4 years ago
- A fake AMSI Provider which can be used for persistence.☆155May 16, 2021Updated 4 years ago
- UUID based Shellcode loader for your favorite C2☆86Dec 8, 2021Updated 4 years ago
- ☆118Aug 7, 2022Updated 3 years ago
- Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) via Syswhispers2☆187Jul 21, 2022Updated 3 years ago
- Rewrote HellsGate in C# for fun and learning☆86Feb 10, 2022Updated 4 years ago
- Remove API hooks from a Beacon process.☆282Sep 18, 2021Updated 4 years ago
- A collection of Cobalt Strike Malleable C2 profiles☆36Oct 13, 2020Updated 5 years ago
- Pseudorandom AES-256 encryption designed to protect shellcode and arbitrary strings. C# and C/C++ compatible.☆102Jan 7, 2022Updated 4 years ago
- Simple PoC demonstrating syscall execution in C#☆156Apr 30, 2020Updated 5 years ago
- CobaltStrike BOF - Inject ETW Bypass into Remote Process via Syscalls (HellsGate|HalosGate)☆300Sep 28, 2021Updated 4 years ago
- ☆14Jan 7, 2022Updated 4 years ago
- Yet another variant of Process Hollowing☆458Jul 31, 2025Updated 7 months ago
- Assembly HellGate implementation that directly calls Windows System Calls and displays the PPID of the explorer.exe process☆107Mar 8, 2023Updated 2 years ago
- AV/EDR evasion via direct system calls.☆1,793Sep 3, 2022Updated 3 years ago
- A Combination LSASS Dumper and LSASS Parser. All Credit goes to @slyd0g and @cube0x0.☆151Nov 21, 2021Updated 4 years ago
- ☆18Aug 19, 2021Updated 4 years ago