PoC capable of detecting manual syscalls from usermode.

Overview
Owner
winternl.com
null
EarlyBird: a poc of using the tech with syscalls on powershell.exe

EarlyBird: a poc of using the tech with syscalls on powershell.exe injecting cobalt strike shellcode to powershell.exe using EarlyBird Tech USAGE: fir

null 47 Jan 22, 2022
Gesture-Detecting-Macro-Keyboard - Glorified Bluetooth macro keyboard with machine learning (TensorFlow Lite for Microcontrollers) running on an ESP32.

Gesture detection tldr; Glorified Bluetooth macro keyboard with machine learning (TensorFlow Lite for Microcontrollers) running on an ESP32. Main feat

Jakob Krantz 63 Jun 19, 2022
flashrom is a utility for detecting, reading, writing, verifying and erasing flash chips

flashrom is a utility for detecting, reading, writing, verifying and erasing flash chips

null 554 Jun 26, 2022
Tool for detecting violations of ordering axioms in STL comparators

SortChecker++ is an extension of SortChecker tool to C++ sorting APIs like std::sort or std::binary_search. It verifies that comparators satisfy the S

Yury Gribov 9 Jun 6, 2022
Arduino-controlled bed that helps in reducing rate of disease infection by detecting whether a person accessed the safe space of a subject who is infected

Infection Control Bed BACKGROUND Spread of COVID-19 occurs via airborne parricels and droplets. People who are infected with COVID an release particle

Amir Hesham Ibrahim 3 Mar 17, 2022
KernelReadWriteMemory - Simple code to manipulate the memory of a usermode process from kernel.

KernelReadWriteMemory Simple proof of concept -code to manipulate the memory of a usermode process from kernelmode of a windows NT operating system. T

Zer0Mem0ry 144 Jun 26, 2022
This is a simple project of a driver + usermode.

This is a simple project of a driver + usermode.

Spuckwaffel 19 Jun 17, 2022
communicate between usermode and kernelmode through a swapped qword ptr argument

communicate between usermode and kernelmode through a swapped qword ptr argument

null 22 Jun 23, 2022
SinMapper - usermode driver mapper that forcefully loads any signed kernel driver

usermode driver mapper that forcefully loads any signed kernel driver (legit cert) with a big enough section (example: .data, .rdata) to map your driver over. the main focus of this project is to prevent modern anti-cheats (BattlEye, EAC) from finding your driver and having the power to hook anything due to being inside of legit memory (signed legit driver).

null 95 Jun 19, 2022
Another version of EVA using anti-debugging techs && using Syscalls

EVA2 Another version of EVA using anti-debugging techs && using Syscalls First thing: Dont Upload to virus total. this note is for you and not for me.

null 252 Jun 23, 2022
EVA3: using hellsgate in EVA to get the syscalls [tested with cobalt strike 4.3]

EVA3: using hellsgate in EVA to get the syscalls [tested with cobalt strike 4.3] note that i dont claim that the idea is mine, this repo is probably

null 28 Jun 10, 2022
CobaltStrike BOF - Inject ETW Bypass into Remote Process via Syscalls (HellsGate|HalosGate)

Cobalt Strike BOF - Inject ETW Bypass Inject ETW Bypass into Remote Process via Syscalls (HellsGate|HalosGate) Running InjectEtwBypass BOF from Cobalt

Bobby Cooke 221 Jun 14, 2022
Undetectable Loader for Cobalt Strike Using Syscalls And A External Shellcode

Hellsgate Undetectable Loader for Cobalt Strike Using Syscalls And A External Shellcode Features: Using Syscalls from Hellsgate tech loading the shell

JUICY 21 Nov 5, 2021
CredBandit - Proof of concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in memory dump of a process and send that back through your already existing Beacon communication channel

CredBandit CredBandit is a proof of concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in memory dump of a process a

anthemtotheego 160 Jun 17, 2022
Tuibox - A single-header terminal UI (TUI) library, capable of creating mouse-driven, interactive applications on the command line.

tuibox tuibox ("toybox") is a single-header terminal UI library, capable of creating mouse-driven, interactive applications on the command line. It is

Andrew 8 May 31, 2022
General purpose power controller, capable of driving soldering irons using different voltages and probe types.

All-purpose Power Micro Controller This general purpose power micro controller features: Wheatstone Bridge front-end New Texas Instruments INA823 inst

Tomasz Jastrzębski 26 Jun 27, 2022
Manual map shellcode (aka byte array) injector

ShellJector This little tool can download DLL from the internet and inject it as shellcode (aka byte array) into process with manual map injection. Th

Александр Вольф 16 May 24, 2022
External warzone cheat with manual mapped driver (function hook), overlay (nvidia hijack), simple esp, no recoil

external_warzone_cheat External warzone cheat with manual mapped driver (function hook), overlay (nvidia hijack), simple esp, no recoil Offsests are N

NMan 79 Jun 18, 2022
PNPASSIST: A “SMART” BUILD PLATFORM FOR MANUAL PCB ASSEMBLY

PnPAssist Description The PnPAssist is an open source innovative CNC table that position the next SMT component with a proper orientation for you to m

MakerStorage 34 Apr 14, 2022