Alternatives and similar repositories for SharpIndirectSyscalls:

Users that are interested in SharpIndirectSyscalls are comparing it to the libraries listed below

• GetRektBoy724 / SyscallShuffler
  Your NTDLL vaccine from modern direct syscall methods.
  ☆35Updated 2 years ago
• reveng007 / reveng_loader
  C# loader capable of running stage-1 from remote url, file path as well as file share
  ☆17Updated 2 years ago
• susMdT / effective-waffle
  yet another sleep encryption thing. also used the default github repo name for this one.
  ☆70Updated last year
• susMdT / ForsHops
  ForsHops
  ☆22Updated this week
• EspressoCake / BetterPipename
  Example of using Sleep to create better named pipes.
  ☆41Updated last year
• waawaa / Hooked-Injector
  Hooked create process injection for meterpreter
  ☆23Updated 3 years ago
• GetRektBoy724 / SysGate
  One gate to all syscalls!
  ☆23Updated 3 years ago
• hlldz / misc
  miscellaneous codes
  ☆35Updated last year
• GetRektBoy724 / Breaking-Detecting-Direct-Syscall-Techniques
  A repository filled with ideas to break/detect direct syscall techniques
  ☆27Updated 2 years ago
• yamakadi / ldr
  A work in progress BOF/COFF loader in Rust
  ☆47Updated 2 years ago
• dmcxblue / NtCreateUserProcessBOF
  An Aggressor Script that utilizes NtCreateUserProcess to run binaries
  ☆25Updated last month
• lem0nSec / Dsebler
  Reimplementation of the KExecDD DSE bypass technique.
  ☆47Updated 6 months ago
• rad9800 / BloatedHammer
  API Hammering with C++20
  ☆45Updated 2 years ago
• FalconForceTeam / bof-winrm-plugin-jump
  ☆25Updated 2 months ago
• Allevon412 / BreadManModuleStomping
  ☆43Updated last year
• G0ldenGunSec / DayBird
  Extension functionality for the NightHawk operator client
  ☆27Updated last year
• GetRektBoy724 / HalosUnhooker
  Halos Gate-based NTAPI Unhooker
  ☆51Updated 2 years ago
• susMdT / fictional-invention
  idk man this was the default github name
  ☆35Updated last year
• Uri3n / Advanced-TLS-Injection
  Threadless injection via TLS callbacks
  ☆16Updated 4 months ago
• C5Hackr / c_syscalls
  https://github.com/janoglezcampos/c_syscalls with the ASM rewritten by myself for Visual Studio's Compiler.
  ☆30Updated 9 months ago
• caueb / ThreadlessStompingKann
  Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.
  ☆59Updated last year
• MaorSabag / HollowMask
  Just another Process Injection using Process Hollowing technique.
  ☆16Updated last year
• paranoidninja / BRC4-Seminar-Stage-I
  These are the slide decks and source code for Brute Ratel Seminar conducted on 24th August 2023. The youtube video for the seminar can be…
  ☆19Updated last year
• VirtualAlllocEx / Create_Thread_Inline_Assembly_x86
  This POC provides the possibilty to execute x86 shellcode in form of a .bin file based on x86 inline assembly
  ☆18Updated last year
• GetRektBoy724 / SharpHalos
  My implementation of Halo's Gate technique in C#
  ☆54Updated 2 years ago
• EvilBytecode / Evilbytecode-Gate
  Evilbytecode-Gate resolves Windows System Service Numbers (SSNs) using two methods: analyzing the Guard CF Table in ntdll.dll and parsing…
  ☆20Updated last month
• nbaertsch / PoolProxy
  Proxy function calls through the thread pool with ease
  ☆23Updated last month
• thiagomayllart / DarkMelkor
  Modified Version of Melkor @FuzzySecurity capable of creating disposable AppDomains in injected processes.
  ☆27Updated 3 years ago
• Quack2332 / Simple-.NET-Obfuscator-PoC
  ☆20Updated 9 months ago
• HulkOperator / CallStackSpoofer
  ☆25Updated 3 months ago