x42en/sysplant external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

x42en/sysplant

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/x42en/sysplant)

Close

x42en / sysplantView on GitHubMore

• External links
• Readme badge

Your Windows syscall hooking factory - feat Canterlot's Gate - All accessible over MCP

☆130Jun 16, 2026Updated this week

Alternatives and similar repositories for sysplant

Users that are interested in sysplant are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• itaymigdal / GhostNap

  View on GitHub
  Sleep obfuscation for shellcode implants and their reflective shit
  ☆55Sep 19, 2023Updated 2 years ago
• itaymigdal / PartyLoader

  View on GitHub
  Threadless shellcode injection tool
  ☆68Aug 5, 2024Updated last year
• frkngksl / NimExec

  View on GitHub
  Fileless Command Execution for Lateral Movement in Nim
  ☆395Apr 4, 2026Updated 2 months ago
• fin3ss3g0d / IoDllProxyLoad

  View on GitHub
  DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly
  ☆66Mar 19, 2024Updated 2 years ago
• itaymigdal / HubbleHub

  View on GitHub
  Explore and filter your GitHub starred repositories
  ☆24Dec 5, 2023Updated 2 years ago
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• CognisysGroup / HadesLdr

  View on GitHub
  Shellcode Loader Implementing Indirect Dynamic Syscall , API Hashing, Fileless Shellcode retrieving using Winsock2
  ☆295Jul 15, 2023Updated 2 years ago
• S3cur3Th1sSh1t / Ruy-Lopez

  View on GitHub
  ☆322Jun 28, 2023Updated 2 years ago
• Mr-Un1k0d3r / Cookie-and-Handle-Stealer

  View on GitHub
  C or BOF file to extract WebKit master key to decrypt user cookie
  ☆208Apr 29, 2024Updated 2 years ago
• mansk1es / GhostFart

  View on GitHub
  ☆142Jun 21, 2023Updated 2 years ago
• eversinc33 / BouncyGate

  View on GitHub
  Indirect Syscalls: HellsGate in Nim, but making sure that all syscalls go through NTDLL (as in RecycledGate).
  ☆186Feb 12, 2023Updated 3 years ago
• YOLOP0wn / POSTDump

  View on GitHub
  ☆345Nov 10, 2025Updated 7 months ago
• OffenseTeacher / NimRekey

  View on GitHub
  ☆39May 20, 2023Updated 3 years ago
• nbaertsch / nimvoke

  View on GitHub
  Indirect syscalls + DInvoke made simple.
  ☆97Dec 24, 2024Updated last year
• WKL-Sec / dcomhijack

  View on GitHub
  Lateral Movement Using DCOM and DLL Hijacking
  ☆327Jun 18, 2023Updated 3 years ago
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• trustedsec / CS_COFFLoader

  View on GitHub
  ☆138Dec 4, 2023Updated 2 years ago
• VoldeSec / PatchlessCLRLoader

  View on GitHub
  .NET assembly loader with patchless AMSI and ETW bypass
  ☆382Apr 19, 2023Updated 3 years ago
• OffenseTeacher / Steganim

  View on GitHub
  ☆46Jun 21, 2023Updated 2 years ago
• SaadAhla / D1rkInject

  View on GitHub
  Another approach of Threadless injection discovered by @_EthicalChaos_ in c that loads a module into the target process and stomps it, an…
  ☆188Aug 2, 2023Updated 2 years ago
• deepinstinct / Dirty-Vanity

  View on GitHub
  A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.ht…
  ☆673Dec 23, 2022Updated 3 years ago
• EspressoCake / BetterPipename

  View on GitHub
  Example of using Sleep to create better named pipes.
  ☆41Jul 25, 2023Updated 2 years ago
• EspressoCake / BOF_Development_Docker

  View on GitHub
  A VSCode devcontainer for development of COFF files with batteries included.
  ☆50Jul 10, 2023Updated 2 years ago
• zimawhit3 / Bitmancer

  View on GitHub
  Nim Library for Offensive Security Development
  ☆200Sep 4, 2023Updated 2 years ago
• kleiton0x00 / Proxy-DLL-Loads

  View on GitHub
  A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.
  ☆411Jan 11, 2026Updated 5 months ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• S3cur3Th1sSh1t / NimGetSyscallStub

  View on GitHub
  Get fresh Syscalls from a fresh ntdll.dll copy
  ☆232Jan 28, 2022Updated 4 years ago
• frkngksl / NimicStack

  View on GitHub
  NimicStack is the pure Nim implementation of Call Stack Spoofing technique to mimic legitimate programs
  ☆95Apr 4, 2026Updated 2 months ago
• OtterHacker / SetProcessInjection

  View on GitHub
  ☆156Oct 2, 2023Updated 2 years ago
• passthehashbrowns / VectoredExceptionHandling

  View on GitHub
  ☆111Aug 21, 2024Updated last year
• thefLink / Hunt-Weird-Syscalls

  View on GitHub
  ETW based POC to identify direct and indirect syscalls
  ☆197Apr 19, 2023Updated 3 years ago
• Mr-Un1k0d3r / Elevate-System-Trusted-BOF

  View on GitHub
  ☆180Mar 27, 2023Updated 3 years ago
• outflanknl / unmanaged-dotnet-patch

  View on GitHub
  Modify managed functions from unmanaged code
  ☆53Feb 1, 2024Updated 2 years ago
• Haunted-Banshee / ErebusGate

  View on GitHub
  ErebusGate for Nim Bypass AV/EDR
  ☆159Nov 7, 2022Updated 3 years ago
• mandiant / msi-search

  View on GitHub
  ☆291Jul 20, 2023Updated 2 years ago
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• Teach2Breach / pool_party_rs

  View on GitHub
  remote process injections using pool party techniques
  ☆70Jun 29, 2025Updated 11 months ago
• S3cur3Th1sSh1t / Caro-Kann

  View on GitHub
  Encrypted shellcode Injection to avoid Kernel triggered memory scans
  ☆421Sep 12, 2023Updated 2 years ago
• reveng007 / DarkWidow

  View on GitHub
  Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird …
  ☆802Jan 26, 2026Updated 4 months ago
• x0reaxeax / PageSplit

  View on GitHub
  Splitting and executing shellcode across multiple pages
  ☆103Jun 8, 2023Updated 3 years ago
• nettitude / ETWHash

  View on GitHub
  C# POC to extract NetNTLMv1/v2 hashes from ETW provider
  ☆262May 10, 2023Updated 3 years ago
• GetRektBoy724 / SyscallShuffler

  View on GitHub
  Your NTDLL vaccine from modern direct syscall methods.
  ☆36Apr 5, 2022Updated 4 years ago
• fin3ss3g0d / NativeThreadpool

  View on GitHub
  Work, timer, and wait callback example using solely Native Windows APIs.
  ☆89Feb 11, 2024Updated 2 years ago