Search Results - RepositoryStats

30

169

unknown

5

Inline syscalls made for MSVC supporting x64 and WOW64

ssdt ntdll win32u windows syscalls microsoft ssdt-hook syscall-hook syscall-table syscall-fuzzer ntdll-unhooking syscall-hooking

Created 2023-04-03

13 commits to master branch, last one 11 months ago

ReflectiveNtdll reveng007

23

161

mit

3

A Dropper POC with a focus on aiding in EDR evasion, NTDLL Unhooking followed by loading ntdll in-memory, which is present as shellcode (using pe2shc by @hasherezade). Payload encryption via SystemFuc...

edr fiber bypass dropper evasion implant malware antivirus ntdll-unhooking bypass-antivirus process-injection systemfunction033

Created 2023-01-30

20 commits to main branch, last one about a year ago

Fuck-Etw unkvolism

12

87

unknown

1

Bypass the Event Trace Windows(ETW) and unhook ntdll.

evasion malware red-team etw-evasion ntdll-unhooking

Created 2023-09-25

6 commits to main branch, last one 9 months ago