There are no reviews yet. Be the first to send feedback to the community and the maintainers!
NewNtdllBypassInlineHook_CSharp
Load a fresh new copy of ntdll.dll via file mapping to bypass API inline hook.DInvoke_shellcodeload_CSharp
ShellCodeLoader via DInvokeHookDetection_CSharp
HookDetectionMappingInjection_CSharp
MappingInjection via csharpSysCall_ShellcodeLoad_Csharp
Load shellcode via syscallFiber_ShellcodeExecution
Using fibers to execute shellcode in a local process via csharpPEB-PPIDspoofing_Csharp
Command line & PPID spoofingBypassETW_CSharp
Bypassing ETW with CsharpEarlyBirdInjection_CSharp
Inject shellcode into process via "EarlyBird"WindowsEventLogsBypass_Csharp
Bypass windows eventlogs & SysmonThreadHijacking_CSharp
Process inject technique "Thread hijacking" via csharpBypassAMSI_CSharp
Bypass AMSIAPC_ShellcodeExecution_CSharp
Shellcode Load or execute via "APC technic"HellgateLoader_CSharp
Load shellcode via HELLGATE, Rewrite hellgate with .net framework for learning purpose.Simple_ShellCodeLoader_CSharp
A Simple ShellcodeLoaderProcessHollowing_CSharp
ProcessHollowing via csharpFullDLLUnhooking_CSharp
Unhook DLL via cleaning the DLL 's .text sectionAddressOfEntryPoint_Hijack_CSharp
Shellcode injection or execution via AddressOfEntryPoint hijack.CreateThreadpoolWait_ShellcodeExecution_CSharp
Shellcode execution via CreateThreadpoolWait with CsharpAMSICheck_CSharp
A tool to detect the integrity of AmsiScanbuffer in memory οΌand defend AMSI bypassProjectPics
For temp picturestest
testWFH
CVE-2024-21338
Local Privilege Escalation from Admin to Kernel vulnerability on Windows 10 and Windows 11 operating systems with HVCI enabled.Love Open Source and this site? Check out how you can help us