thiagopeixoto / allsysnoLinks
This tool parses NTDLL.DLL, extracts all the syscall numbers and helps in making direct syscalls, in order to help evasion.
☆15Updated 3 years ago
Alternatives and similar repositories for allsysno
Users that are interested in allsysno are comparing it to the libraries listed below
Sorting:
- A spiritual .NET equivalent to the Gargoyle memory scanning evasion technique☆52Updated 6 years ago
- Specialized tool to dump Position Independent Code.☆22Updated 4 years ago
- AMSI detection PoC☆32Updated 5 years ago
- ☆15Updated last year
- The repository accompanying the Buer Emulation workshop☆24Updated 3 years ago
- C# Implementation of Jared Atkinson's Get-InjectedThread.ps1☆54Updated 4 years ago
- An example of COM hijacking using a proxy DLL.☆28Updated 3 years ago
- ☆24Updated 3 years ago
- Playing with PE's and Building Structures by Hand☆22Updated 3 years ago
- A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies☆33Updated 2 years ago
- x64 Windows package of the shellcode2exe tool☆14Updated 4 years ago
- ☆17Updated 4 years ago
- Loads .NET Assembly Via CLR Loader☆16Updated 6 years ago
- ☆18Updated 3 years ago
- Tool to manage user privileges☆29Updated 5 years ago
- Dump Lsass Memory Using a Reflective Dll☆14Updated 3 years ago
- ☆48Updated 4 years ago
- A small commented POC for removing API hooks placed by AV/EDR.☆34Updated 5 years ago
- A simple Linux in-memory .so loader☆30Updated 2 years ago
- C code to enable ETW tracing for Dotnet Assemblies☆31Updated 2 years ago
- Covenant is a collaborative .NET C2 framework for red teamers.☆22Updated 4 years ago
- Recreating and reviewing the Windows persistence methods☆38Updated 3 years ago
- Some stuff for PHD2021☆14Updated last month
- A library to parse, modify, and implement Malleable C2 profiles☆26Updated 6 years ago
- A repository filled with ideas to break/detect direct syscall techniques☆27Updated 3 years ago
- Simple skeleton for a CPP DLL☆37Updated 5 years ago
- Just another useless C2 occupying space in some HDD somewhere.☆20Updated 2 years ago
- DLL hijacking vulnerability scanner and PE infector tool☆18Updated 7 years ago
- Disable PPL via custom driver and dump lsass☆15Updated 4 years ago
- A repository where I share my injection implemintations☆29Updated 4 years ago