Small tool to play with IOCs caused by Imageload events
☆45 · May 14, 2023 · Updated 3 years ago
Alternatives and similar repositories for Hunt-Weird-ImageLoads
Users that are interested in Hunt-Weird-ImageLoads are comparing it to the libraries listed below.
- ETW based POC to identify direct and indirect syscalls ☆197 · Apr 19, 2023 · Updated 3 years ago
- idk man this was the default github name ☆35 · Apr 23, 2023 · Updated 3 years ago
- ☆10 · Apr 19, 2026 · Updated last month
- Manually perform syscalls without going through any external API or DLL. ☆19 · Apr 19, 2023 · Updated 3 years ago
- Monitors ETW for security relevant syscalls maintaining the set called by each unique process ☆90 · May 17, 2023 · Updated 3 years ago
- ☆62 · Jan 9, 2023 · Updated 3 years ago
- ☆115 · Oct 10, 2022 · Updated 3 years ago
- ☆30 · Nov 7, 2022 · Updated 3 years ago
- Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel. ☆246 · Sep 26, 2023 · Updated 2 years ago
- Uses Threat-Intelligence ETW events to identify shellcode regions being hidden by fluctuating memory protections ☆177 · May 17, 2023 · Updated 3 years ago
- A PoC implementation for dynamically masking call stacks with timers. ☆312 · Feb 13, 2023 · Updated 3 years ago
- Sliver agent rewritten in C++ ☆49 · Sep 4, 2024 · Updated last year
- improving zerosums smbdoor - a silent remote backdoor which abuses undoc. APIs in srvnet.sys ☆49 · Mar 10, 2023 · Updated 3 years ago
- Repo containing my public talks ☆23 · May 30, 2023 · Updated 3 years ago
- ☆162 · Jul 31, 2022 · Updated 3 years ago
- This POC provides the possibility to execute x86 shellcode in the form of a .bin file based on x86 inline assembly ☆20 · Apr 17, 2023 · Updated 3 years ago
- Threadless Process Injection through entry point hijacking ☆353 · Sep 10, 2024 · Updated last year
- ☆224 · Oct 22, 2023 · Updated 2 years ago
- C# POC to extract NetNTLMv1/v2 hashes from ETW provider ☆262 · May 10, 2023 · Updated 3 years ago
- Simple BOF to read the protection level of a process ☆123 · May 10, 2023 · Updated 3 years ago
- yet another sleep encryption thing. also used the default github repo name for this one. ☆69 · May 11, 2023 · Updated 3 years ago
- ☆164 · Dec 30, 2022 · Updated 3 years ago
- Using fibers to run in-memory code. ☆244 · Oct 19, 2023 · Updated 2 years ago
- Implementation of Advanced Module Stomping and Heap/Stack Encryption ☆227 · Jul 25, 2023 · Updated 2 years ago
- LLVM plugin to transparently apply stack spoofing and indirect syscalls to Windows x64 native calls at compile time. ☆328 · Jan 17, 2024 · Updated 2 years ago
- Windows kernel security and driver development code ☆12 · Apr 4, 2020 · Updated 6 years ago
- A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles. ☆68 · May 2, 2023 · Updated 3 years ago
- Extension functionality for the NightHawk operator client ☆27 · Oct 31, 2023 · Updated 2 years ago
- A PoC on blocking Procmon from monitoring network events ☆112 · Aug 7, 2025 · Updated 10 months ago
- XOR decrypting shellcode using the GPU with OpenCL. Original PoC adopted by e.g. CoffeeLoader, GpuGate. ☆126 · May 22, 2025 · Updated last year
- Single stub direct and indirect syscalling with runtime SSN resolving for Windows. ☆141 · Sep 12, 2022 · Updated 3 years ago
- ☆106 · May 15, 2023 · Updated 3 years ago
- A work in progress BOF/COFF loader in Rust ☆50 · Mar 22, 2023 · Updated 3 years ago
- Just a git repo for the sleepmask detection rule i found in https://codex-7.gitbook.io/codexs-terminal-window/blue-team/detecting-cobalt-… ☆16 · Jun 4, 2025 · Updated last year
- Watches the Downloads folder for any new files and inserts it into Nemesis for analysis. ☆15 · Feb 29, 2024 · Updated 2 years ago
- ☆124 · Oct 9, 2023 · Updated 2 years ago
- miscellaneous scripts and programs ☆286 · May 13, 2026 · Updated last month
- BOF to terminate a process via PID as argument ☆28 · Sep 7, 2025 · Updated 9 months ago
- (First Public?) Sample of unhooking ntdll (All Exports & IAT imports) hooks in Rust using in-memory disassembly, avoiding direct syscalls… ☆138 · Mar 3, 2025 · Updated last year