https://github.com/TheD1rkMtr/UnhookingPatch

Bypass EDR Hooks by patching NT API stub, and resolving SSNs and syscall instructions at runtime
https://github.com/TheD1rkMtr/UnhookingPatch

Last synced: 3 days ago
JSON representation

Bypass EDR Hooks by patching NT API stub, and resolving SSNs and syscall instructions at runtime

• Host: GitHub
• URL: https://github.com/TheD1rkMtr/UnhookingPatch
• Owner: SaadAhla
• License: mit
• Created: 2023-02-08T16:21:03.000Z (about 2 years ago)
• Default Branch: main
• Last Pushed: 2023-08-02T02:25:38.000Z (over 1 year ago)
• Last Synced: 2025-04-22T20:06:43.608Z (9 days ago)
• Language: C++
• Size: 82 KB
• Stars: 304
• Watchers: 4
• Forks: 52
• Open Issues: 2
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

• awesome-edr-bypass - TheD1rkMtr/UnhookingPatch: Bypass EDR Hooks by patching NT API stub, and resolving SSNs and syscall instructions at runtime

README

        
# UnhookingPatch

Bypass EDR Hooks by patching NT API stub, and resolving SSNs and syscall instructions at runtime

![image](https://raw.githubusercontent.com/illegal-instruction-co/UnhookingPatch/main/assets/view.jpg)

## How do i convert binary to MAC ?

Requirements: 

1. macaddress

```

pip install macaddress

./bin2mac.py calc.bin

```