Little program written in C# to bypass EDR hooks and dump the content of the lsass process
☆60 · Jun 24, 2021 · Updated 4 years ago
Alternatives and similar repositories for LsassUnhooker
Users that are interested in LsassUnhooker are comparing it to the libraries listed below.
- C# Based Universal API Unhooker ☆408 · Feb 18, 2022 · Updated 4 years ago
- A repository filled with ideas to break/detect direct syscall techniques ☆26 · Apr 21, 2022 · Updated 4 years ago
- NimReflectiveLoader is a Nim-based tool for in-memory DLL execution using Reflective DLL Loading. ☆30 · Jan 21, 2024 · Updated 2 years ago
- HookDetection ☆45 · Sep 3, 2021 · Updated 4 years ago
- Transparently call NTAPI via Halo's Gate with indirect syscalls. ☆13 · Apr 26, 2024 · Updated 2 years ago
- C# AV/EDR Killer using less-known driver (BYOVD) ☆186 · Nov 10, 2023 · Updated 2 years ago
- Terminate AV/EDR Processes using kernel driver ☆353 · Jun 12, 2023 · Updated 2 years ago
- Socks proxy server using powershell. Supports local and reverse connections for pivoting. ☆11 · Oct 7, 2020 · Updated 5 years ago
- UAC Bypass By Abusing Kerberos Tickets ☆509 · Aug 10, 2023 · Updated 2 years ago
- Wanhu database decryption ☆21 · Dec 3, 2023 · Updated 2 years ago
- Hidedump: an lsassdump tool that may bypass EDR ☆51 · May 23, 2024 · Updated 2 years ago
- Lateral Movement ☆126 · Nov 14, 2023 · Updated 2 years ago
- NTAPI hook bypass with (semi) legit stack trace ☆18 · May 9, 2023 · Updated 3 years ago
- C# code to run PIC using CreateThread ☆17 · Apr 19, 2019 · Updated 7 years ago
- CobaltStrike script for persistence using various WinAPIs, including setting up system services, setting scheduled tasks, and managing users via API. ☆553 · Jan 18, 2022 · Updated 4 years ago
- Shellcode injection POC using syscalls. ☆116 · Jun 5, 2020 · Updated 6 years ago
- Command line & PPID spoofing ☆30 · Apr 15, 2023 · Updated 3 years ago
- Manual Map Your Files, Bypass 100% Runtime. ☆11 · Aug 31, 2022 · Updated 3 years ago
- Direct syscalls Injection to bypass AV/EDR ☆11 · May 18, 2024 · Updated 2 years ago
- A collection of weaponized LPE exploits written in Go ☆52 · Jan 23, 2025 · Updated last year
- CobaltStrike BOF - Inject ETW Bypass into Remote Process via Syscalls (HellsGate|HalosGate) ☆300 · Sep 28, 2021 · Updated 4 years ago
- uuid-shellcode-execution ☆12 · May 9, 2021 · Updated 5 years ago
- ☆19 · Dec 29, 2021 · Updated 4 years ago
- Tool for dumping the lsass process ☆559 · Jul 20, 2023 · Updated 2 years ago
- A Combination LSASS Dumper and LSASS Parser. All Credit goes to @slyd0g and @cube0x0. ☆149 · Nov 21, 2021 · Updated 4 years ago
- I will be uploading all the codes which I created with the help either opensource projects or blogs. This is a step by step EDR learning … ☆287 · Aug 1, 2025 · Updated 10 months ago
- This is a crash for Brave Browser I found in New Years Eve, used to be a 0day when I found it ☆18 · Feb 2, 2023 · Updated 3 years ago
- ☆16 · Feb 18, 2023 · Updated 3 years ago
- BloodyAv is Custom Shell Code loader to Bypass Av and Edr. ☆15 · Mar 21, 2022 · Updated 4 years ago
- PoC module to demonstrate automated lateral movement with the Havoc C2 framework. ☆312 · Dec 9, 2023 · Updated 2 years ago
- Tool developed using csharp (.net 4.5) for compressing and encrypting files to shorten transfer times. Supports multi-file compression an… ☆14 · Feb 15, 2024 · Updated 2 years ago
- Password collection ☆57 · Mar 16, 2022 · Updated 4 years ago
- An example of how to use Microsoft Windows Warbird technology ☆96 · Apr 23, 2023 · Updated 3 years ago
- Using LNK files and user input simulation to start processes under explorer.exe ☆34 · Sep 21, 2024 · Updated last year
- XXST: a helper tool for discovering "white-plus-black" (白加黑) candidates; runs silently throughout without affecting normal use ☆17 · Apr 12, 2024 · Updated 2 years ago
- A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techni… ☆1,391 · Oct 27, 2023 · Updated 2 years ago
- Bypass EDR Hooks by patching NT API stub, and resolving SSNs and syscall instructions at runtime ☆311 · Aug 2, 2023 · Updated 2 years ago
- Inject shellcode into process via "EarlyBird" ☆27 · Aug 30, 2021 · Updated 4 years ago
- some AV / EDR / analysis studies ☆10 · May 21, 2023 · Updated 3 years ago