Simple example for getting started with eBPF for Windows
☆50Feb 23, 2025Updated last year
Alternatives and similar repositories for TraceConnections
Users that are interested in TraceConnections are comparing it to the libraries listed below
Sorting:
- Simple utility to watch directory change notifications on a given path☆20Oct 6, 2017Updated 8 years ago
- A few examples of how to trap virtual memory access on Windows.☆41Dec 18, 2024Updated last year
- Updated version of a long known self deletion technique to work with 24H2.☆61Jun 9, 2025Updated 8 months ago
- Work with eBPF on Windows☆44Feb 26, 2025Updated last year
- Unused DLL hollowing PoC in Nim☆17Jan 31, 2022Updated 4 years ago
- This is a PoC using native windows API directx, to hide and decrypt shellcode via compute shader☆10May 3, 2025Updated 10 months ago
- A New Exploitation Technique for Visual Studio Projects☆11Nov 5, 2023Updated 2 years ago
- Mimikatz embedded as classes☆28Oct 25, 2021Updated 4 years ago
- An updated C# port of X-Ways X-Tensions API.☆11Mar 12, 2018Updated 7 years ago
- MuddyWater C2 framework research☆12Jun 28, 2023Updated 2 years ago
- A tracker DLL which enables 'NTAPI->Syscall' tracking whenever it is loaded. It calls 'NtSetInformationProcess' API call with a callback …☆14Oct 21, 2024Updated last year
- A simple Linux in-memory .so loader☆33Mar 29, 2023Updated 2 years ago
- VisualStudio port of https://github.com/guervild/BOFs/tree/dev/SilentLsassDump☆24Jul 6, 2023Updated 2 years ago
- NTFS file system specimens☆13Jul 3, 2023Updated 2 years ago
- A simple BOF that disables some logging with NtSetInformationProcess☆13Oct 13, 2023Updated 2 years ago
- This is a repository for reporting any issues in any of my software☆13May 15, 2018Updated 7 years ago
- Copy of the libewf source code that is configured for a 64-bit MS Visual Studio build.☆17Aug 17, 2020Updated 5 years ago
- A set of programs for analyzing common vulnerabilities in COM☆249Sep 8, 2024Updated last year
- ☆40May 10, 2025Updated 9 months ago
- ☆36Oct 26, 2023Updated 2 years ago
- Mentally ill EtwTi parser☆68Jan 11, 2026Updated last month
- API Set resolver for Windows☆141Sep 11, 2024Updated last year
- Windows kernel driver that detects hypervisors by probing SIDT/LIDT edge cases, paging/TLB behaviors, privilege transitions, and timing e…☆36Updated this week
- ELF Beacon Object File (BOF) Template☆19Nov 18, 2024Updated last year
- ☆22Jan 15, 2025Updated last year
- Just Another broken Registry Parser (JARP)☆16May 23, 2024Updated last year
- A proof-of-concept shellcode loader that leverages AI/ML face recognition models to verify the identity of a user on a target system☆42Oct 30, 2024Updated last year
- Proof-of-concept modular implant platform leveraging v8☆54Mar 4, 2025Updated last year
- miscellaneous codes☆36Sep 24, 2023Updated 2 years ago
- Reverse engineering winapi function loadlibrary.☆237Apr 17, 2023Updated 2 years ago
- C# alternative to the linux "cat" command... Prints file contents to console. For use with Cobalt Strike's Execute-Assembly☆15Jul 15, 2021Updated 4 years ago
- rust clr heap encryption (https://github.com/lap1nou/CLR_Heap_encryption), but no heap encryption.☆17Jan 6, 2024Updated 2 years ago
- Manage and maintain Defender XDR custom collection configuration☆34Nov 19, 2025Updated 3 months ago
- ☆42Feb 18, 2025Updated last year
- Impersonate Tokens using only NTAPI functions☆84Apr 4, 2025Updated 11 months ago
- A simple way to spoof return addresses using an exception handler☆43Aug 3, 2022Updated 3 years ago
- Trace events in real time sessions☆47Aug 25, 2023Updated 2 years ago
- Windows Filtering Platform Explorer☆330Aug 28, 2025Updated 6 months ago
- ETrace is a syscall tracing utility powered by eBPF☆26Feb 26, 2023Updated 3 years ago