Alternatives and similar repositories for SharpIndirectSyscalls

Users that are interested in SharpIndirectSyscalls are comparing it to the libraries listed below

• dmcxblue / NtCreateUserProcessBOF
  An Aggressor Script that utilizes NtCreateUserProcess to run binaries
  ☆30Updated 6 months ago
• susMdT / effective-waffle
  yet another sleep encryption thing. also used the default github repo name for this one.
  ☆69Updated 2 years ago
• hlldz / misc
  miscellaneous codes
  ☆35Updated last year
• GetRektBoy724 / SyscallShuffler
  Your NTDLL vaccine from modern direct syscall methods.
  ☆35Updated 3 years ago
• susMdT / fictional-invention
  idk man this was the default github name
  ☆35Updated 2 years ago
• MaorSabag / Paruns-Fart
  Just another ntdll unhooking using Parun's Fart technique
  ☆75Updated 2 years ago
• Orange-Cyberdefense / EDRSnowblast
  This project is an EDRSandblast fork, adding some features and custom pieces of code.
  ☆23Updated last year
• rad9800 / BloatedHammer
  API Hammering with C++20
  ☆50Updated 3 years ago
• Teach2Breach / early_cascade_inj_rs
  early cascade injection PoC based on Outflanks blog post, in rust
  ☆60Updated 8 months ago
• ricardojoserf / NativeNtdllRemap
  Remap ntdll.dll using only NTAPI functions with a suspended process
  ☆22Updated 3 months ago
• waawaa / Hooked-Injector
  Hooked create process injection for meterpreter
  ☆23Updated 4 years ago
• fin3ss3g0d / HookFinder
  Simple PoC to locate hooked functions by EDR in ntdll.dll
  ☆38Updated 2 years ago
• outflanknl / unmanaged-dotnet-patch
  Modify managed functions from unmanaged code
  ☆52Updated last year
• FalconForceTeam / bof-winrm-plugin-jump
  ☆27Updated 6 months ago
• x0reaxeax / PageSplit
  Splitting and executing shellcode across multiple pages
  ☆102Updated 2 years ago
• brosck / APIHookingDetector
  「⚙️」Detect which native Windows API's (NtAPI) are being hooked
  ☆38Updated 8 months ago
• frkngksl / UnlinkDLL
  DLL Unlinking from InLoadOrderModuleList, InMemoryOrderModuleList, InInitializationOrderModuleList, and LdrpHashTable
  ☆57Updated last year
• yamakadi / ldr
  A work in progress BOF/COFF loader in Rust
  ☆51Updated 2 years ago
• EspressoCake / DefenderPathExclusions
  Creation and removal of Defender path exclusions and exceptions in C#.
  ☆31Updated last year
• iDigitalFlame / XrMT
  e(X)tensiable (Rust) Malware Toolkit: (Soon!) Full Featured Rust C2 Framework with Awesome Features!
  ☆24Updated 11 months ago
• caueb / ThreadlessStompingKann
  Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.
  ☆61Updated last year
• Offensive-Panda / D3MPSEC
  "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c…
  ☆25Updated 10 months ago
• bot984397 / eepy
  ☆34Updated 3 months ago
• CaptainNox / Hypnos
  A more reliable way of resolving syscall numbers in Windows
  ☆52Updated last year
• 0xv1n / proc-suspend
  powershell script i wrote that can suspend an arbitrary process (with limits)
  ☆20Updated 2 years ago
• KingOfTheNOPs / EnableWebDAVClient-BOF
  Cobalt Strike Beacon Object File to enable the webdav client service on x64 windows hosts
  ☆22Updated last year
• pygrum / gimmick
  Section-based payload obfuscation technique for x64
  ☆64Updated 11 months ago
• OffenseTeacher / Steganim
  ☆47Updated 2 years ago
• Teach2Breach / snapinject_rs
  A remote process injection using process snapshotting based on https://gitlab.com/ORCA000/snaploader , in rust. It creates a sacrificial …
  ☆49Updated 6 months ago
• Bl4ckM1rror / PEAs
  ☆59Updated last year