DLL Unhooking
☆12Mar 26, 2021Updated 4 years ago
Alternatives and similar repositories for Doge-Unhook
Users that are interested in Doge-Unhook are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Preventing 3rd Party DLLs from Injecting into your Malware☆25Aug 31, 2021Updated 4 years ago
- Protected Process (Light) Dump: Uses Zemana AntiMalware Engine To Open a Privileged Handle to a PP/PPL Process And Inject MiniDumpWriteDu…☆25Mar 26, 2020Updated 5 years ago
- Golang implementation of Reflective load PE from memory☆63Jan 10, 2022Updated 4 years ago
- SyscallLoader☆11Sep 13, 2021Updated 4 years ago
- golang amsi bypass☆30Dec 4, 2021Updated 4 years ago
- neat way to detect memory read using nt layer function.☆13Aug 4, 2023Updated 2 years ago
- Windows NTLMSSP library☆10Aug 27, 2021Updated 4 years ago
- PrintNightmare , Local Privilege Escalation of CVE-2021-1675 or CVE-2021-34527☆58Jul 2, 2021Updated 4 years ago
- Inject scripts into gzipped pages without decompression☆14Feb 4, 2026Updated last month
- This contains a bundle with an executable to exploit ms17-010 remote or locally. It does not require Python.☆16Jan 10, 2019Updated 7 years ago
- impersonate trustedinstaller by fiddling with tokens☆17Aug 30, 2021Updated 4 years ago
- Golang evasion tool, execute-assembly .Net file☆98Apr 25, 2022Updated 3 years ago
- RunPE using Hell's Gate technique.☆32Dec 4, 2020Updated 5 years ago
- 从入门到放弃的产物,学习过程中用python实现的一个单点c2基本功能☆11Mar 11, 2020Updated 6 years ago
- Rust Weaponization for Red Team Engagements.☆15Oct 9, 2021Updated 4 years ago
- 父进程欺骗,另类administrator提权到system☆34Feb 18, 2022Updated 4 years ago
- check cs yara rules☆42Sep 7, 2021Updated 4 years ago
- A repository filled with ideas to break/detect direct syscall techniques☆26Apr 21, 2022Updated 3 years ago
- ☆37Mar 28, 2020Updated 5 years ago
- 破解CS4.0☆163Mar 24, 2020Updated 6 years ago
- Ntdll Unhooking POC☆19Aug 12, 2022Updated 3 years ago
- A work in progress of constructing a minimal http(s) beacon for Cobalt Strike.☆27Apr 28, 2022Updated 3 years ago
- An easy tool to disable and enable windows defender protections☆107Mar 20, 2022Updated 4 years ago
- mssql 终端连接工具|命令执行☆40Sep 29, 2019Updated 6 years ago
- Executes shellcode from a remote server and aims to evade in-memory scanners☆31Nov 17, 2019Updated 6 years ago
- VTI的PoC检测工具☆13Jul 30, 2024Updated last year
- Reflective DLL injection Execution☆20Sep 9, 2022Updated 3 years ago
- CobaltStrike BOF - Inject ETW Bypass into Remote Process via Syscalls (HellsGate|HalosGate)☆30Dec 31, 2021Updated 4 years ago
- Bypass cobaltstrike beacon config scan☆84May 24, 2021Updated 4 years ago
- Some demos to bypass EDRs or AVs by 78itsT3@m☆359Jul 6, 2022Updated 3 years ago
- C# implementation of the research by @jonaslyk and the drafted PoC from @LloydLabs☆150Oct 25, 2021Updated 4 years ago
- 免杀☆12May 6, 2024Updated last year
- Lsass memory dump.☆54Dec 7, 2023Updated 2 years ago
- DPX - the Doge Packer for eXecutables☆30Dec 21, 2021Updated 4 years ago
- 通过反射DLL注入、Win API、C#、以及底层实现NetUserAdd方式实现BypassAV进行增加用户的功能,实现Cobalt Strike插件化☆343Apr 10, 2022Updated 3 years ago
- A Precise and General Dynamic Deobfuscation Method for PowerShell Scripts☆20Mar 30, 2025Updated 11 months ago
- About C# loader that copies a chunk at the time of the shellcode in memory in a suspended process, rather that all at once☆13Jul 14, 2022Updated 3 years ago
- 优化了GetSystemEarlyBird的代码结构☆21Jun 24, 2020Updated 5 years ago
- A small PoC using DInvoke, dynamically mapping a DLL and executing Win32 APIs for process injection.☆10Dec 16, 2021Updated 4 years ago