• Stars
    star
    49
  • Rank 585,874 (Top 12 %)
  • Language
    C#
  • Created over 3 years ago
  • Updated about 3 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Load a fresh new copy of ntdll.dll via file mapping to bypass API inline hook.

More Repositories

1

DInvoke_shellcodeload_CSharp

ShellCodeLoader via DInvoke
C#
43
star
2

HookDetection_CSharp

HookDetection
C#
42
star
3

MappingInjection_CSharp

MappingInjection via csharp
C#
34
star
4

SysCall_ShellcodeLoad_Csharp

Load shellcode via syscall
C#
30
star
5

Fiber_ShellcodeExecution

Using fibers to execute shellcode in a local process via csharp
C#
25
star
6

PEB-PPIDspoofing_Csharp

Command line & PPID spoofing
C#
21
star
7

BypassETW_CSharp

Bypassing ETW with Csharp
C#
18
star
8

EarlyBirdInjection_CSharp

Inject shellcode into process via "EarlyBird"
C#
17
star
9

WindowsEventLogsBypass_Csharp

Bypass windows eventlogs & Sysmon
C#
13
star
10

ThreadHijacking_CSharp

Process inject technique "Thread hijacking" via csharp
C#
12
star
11

BypassAMSI_CSharp

Bypass AMSI
C#
12
star
12

APC_ShellcodeExecution_CSharp

Shellcode Load or execute via "APC technic"
C#
11
star
13

HellgateLoader_CSharp

Load shellcode via HELLGATE, Rewrite hellgate with .net framework for learning purpose.
C#
11
star
14

Simple_ShellCodeLoader_CSharp

A Simple ShellcodeLoader
C#
10
star
15

ProcessHollowing_CSharp

ProcessHollowing via csharp
C#
10
star
16

FullDLLUnhooking_CSharp

Unhook DLL via cleaning the DLL 's .text section
C#
6
star
17

AddressOfEntryPoint_Hijack_CSharp

Shellcode injection or execution via AddressOfEntryPoint hijack.
C#
6
star
18

JIT_DEMO_Csharp

A little JIT demo to help you understander how JIT works
C#
6
star
19

CreateThreadpoolWait_ShellcodeExecution_CSharp

Shellcode execution via CreateThreadpoolWait with Csharp
C#
6
star
20

AMSICheck_CSharp

A tool to detect the integrity of AmsiScanbuffer in memory ,and defend AMSI bypass
C#
3
star
21

ProjectPics

For temp pictures
3
star
22

test

test
1
star