Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/SaadAhla/UnhookingPatch
Bypass EDR Hooks by patching NT API stub, and resolving SSNs and syscall instructions at runtime
https://github.com/SaadAhla/UnhookingPatch
Last synced: 3 months ago
JSON representation
Bypass EDR Hooks by patching NT API stub, and resolving SSNs and syscall instructions at runtime
- Host: GitHub
- URL: https://github.com/SaadAhla/UnhookingPatch
- Owner: SaadAhla
- License: mit
- Created: 2023-02-08T16:21:03.000Z (over 1 year ago)
- Default Branch: main
- Last Pushed: 2023-08-02T02:25:38.000Z (over 1 year ago)
- Last Synced: 2024-05-22T02:11:07.372Z (6 months ago)
- Language: C++
- Size: 82 KB
- Stars: 275
- Watchers: 3
- Forks: 45
- Open Issues: 2
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
- awesome-edr-bypass - TheD1rkMtr/UnhookingPatch: Bypass EDR Hooks by patching NT API stub, and resolving SSNs and syscall instructions at runtime
README
# UnhookingPatch
Bypass EDR Hooks by patching NT API stub, and resolving SSNs and syscall instructions at runtime
## How do i convert binary to MAC ?
Requirements:
1. macaddress
```
pip install macaddress
./bin2mac.py calc.bin
```