Little program written in C# to bypass EDR hooks and dump the content of the lsass process
☆61 · Jun 24, 2021 · Updated 4 years ago
Alternatives and similar repositories for LsassUnhooker
Users that are interested in LsassUnhooker are comparing it to the libraries listed below.
- A small PoC using DInvoke, dynamically mapping a DLL and executing Win32 APIs for process injection. ☆10 · Dec 16, 2021 · Updated 4 years ago
- C# Based Universal API Unhooker ☆409 · Feb 18, 2022 · Updated 4 years ago
- A repository filled with ideas to break/detect direct syscall techniques ☆26 · Apr 21, 2022 · Updated 3 years ago
- NimReflectiveLoader is a Nim-based tool for in-memory DLL execution using Reflective DLL Loading. ☆31 · Jan 21, 2024 · Updated 2 years ago
- HookDetection ☆45 · Sep 3, 2021 · Updated 4 years ago
- Transparently call NTAPI via Halo's Gate with indirect syscalls. ☆15 · Apr 26, 2024 · Updated last year
- C# AV/EDR Killer using less-known driver (BYOVD) ☆185 · Nov 10, 2023 · Updated 2 years ago
- Terminate AV/EDR Processes using kernel driver ☆352 · Jun 12, 2023 · Updated 2 years ago
- Socks proxy server using powershell. Supports local and reverse connections for pivoting. ☆11 · Oct 7, 2020 · Updated 5 years ago
- UAC Bypass By Abusing Kerberos Tickets ☆506 · Aug 10, 2023 · Updated 2 years ago
- Wanhu database decryption ☆21 · Dec 3, 2023 · Updated 2 years ago
- Hidedump: an lsass dump tool that may bypass EDR ☆51 · May 23, 2024 · Updated last year
- Lateral Movement ☆126 · Nov 14, 2023 · Updated 2 years ago
- NTAPI hook bypass with (semi) legit stack trace ☆19 · May 9, 2023 · Updated 2 years ago
- C# code to run PIC using CreateThread ☆17 · Apr 19, 2019 · Updated 6 years ago
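- CobaltStrike script that uses multiple WinAPIs for persistence, including APIs for setting up system services, setting scheduled tasks, managing users, and more. ☆554 · Jan 18, 2022 · Updated 4 years ago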
- Shellcode injection POC using syscalls. ☆117 · Jun 5, 2020 · Updated 5 years ago
- Command line & PPID spoofing ☆29 · Apr 15, 2023 · Updated 2 years ago
- Manual Map Your Files, Bypass 100% Runtime. ☆11 · Aug 31, 2022 · Updated 3 years ago
- A collection of weaponized LPE exploits written in Go ☆53 · Jan 23, 2025 · Updated last year
- Direct syscalls Injection to bypass AV/EDR ☆11 · May 18, 2024 · Updated last year
- CobaltStrike BOF - Inject ETW Bypass into Remote Process via Syscalls (HellsGate|HalosGate) ☆300 · Sep 28, 2021 · Updated 4 years ago
- uuid-shellcode-execution ☆13 · May 9, 2021 · Updated 4 years ago
- ☆19 · Dec 29, 2021 · Updated 4 years ago
- Tool for dumping the lsass process ☆562 · Jul 20, 2023 · Updated 2 years ago
- A Combination LSASS Dumper and LSASS Parser. All Credit goes to @slyd0g and @cube0x0. ☆151 · Nov 21, 2021 · Updated 4 years ago
- PoC module to demonstrate automated lateral movement with the Havoc C2 framework. ☆309 · Dec 9, 2023 · Updated 2 years ago
- I will be uploading all the codes which I created with the help of either opensource projects or blogs. This is a step by step EDR learning … ☆288 · Aug 1, 2025 · Updated 7 months ago
- This is a crash for Brave Browser I found on New Year's Eve, used to be a 0day when I found it ☆18 · Feb 2, 2023 · Updated 3 years ago
- ☆16 · Feb 18, 2023 · Updated 3 years ago
- Tool developed using csharp (.net 4.5) for compressing and encrypting files to shorten transfer times. Supports multi-file compression an… ☆14 · Feb 15, 2024 · Updated 2 years ago
- BloodyAv is a custom shellcode loader to bypass AV and EDR. ☆14 · Mar 21, 2022 · Updated 4 years ago
- Password collection ☆58 · Mar 16, 2022 · Updated 4 years ago
- An example of how to use Microsoft Windows Warbird technology ☆97 · Apr 23, 2023 · Updated 2 years ago
- Using LNK files and user input simulation to start processes under explorer.exe ☆34 · Sep 21, 2024 · Updated last year
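- XXST: a helper tool for discovering "white plus black" (白加黑) candidates; runs silently throughout and does not affect normal use ☆17 · Apr 12, 2024 · Updated last year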
- A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techni… ☆1,376 · Oct 27, 2023 · Updated 2 years ago
- Bypass EDR Hooks by patching NT API stub, and resolving SSNs and syscall instructions at runtime ☆313 · Aug 2, 2023 · Updated 2 years ago
- Inject shellcode into process via "EarlyBird" ☆26 · Aug 30, 2021 · Updated 4 years ago