unhook-bof
API hook remover
Tool to remove API hooks from a Beacon process.
Remove API hooks from a Beacon process.
262 stars
7 watching
57 forks
Language: C
last commit: about 3 years ago Related projects:
| Repository | Description | Stars |
|---|---|---|
 cobalt-strike/unhook-bof | Removes API hooks from a malicious process | 54 |
| rsmudge/zerologon-bof | An implementation of a Zero Logon protocol Bounce Of Flood (ZoBoF) vulnerability exploitation technique | 157 |
 encodegroup/bof-regsave | Creates a tool to extract registry keys from Windows systems using a Beacon Object File | 186 |
 xforcered/detect-hooks | A tool that detects userland API hooks installed by Anti-Virus/EDR software to prevent post-exploitation actions. | 97 |
| rsmudge/cve-2020-0796-bof | Exploits a vulnerability in SMBv3 compression to achieve privilege escalation and process manipulation. | 68 |
 zu1k/beacon_hook_bypass_memscan | Bypassing memory scanning to evade detection by the Karbenz CASB (Content Awareness Security Platform) security solution | 24 |
 passthehashbrowns/bofmask | A proof-of-concept project demonstrating how to mask Beacon's payload execution in Cobalt Strike while executing a user-provided BOF. | 108 |
 anthemtotheego/detect-hooks | A tool that attempts to detect userland API hooks in place by AV/EDR | 147 |
 escape-technologies/mookme | A tool designed to automate checks in monorepos during the pre-commit stage of Git | 102 |
 dtmsecurity/bof_helper | Creates C programs with custom API calls using Microsoft's documentation endpoint and grep results from mingw header files | 221 |
 crypt0p3g/bof-collection | A collection of beacon object files designed to be used in a remote access tool like Cobalt Strike. | 170 |
 pwn1sher/cs-bofs | A collection of compiled beacon object files from the CobaltStrike platform. | 99 |
 yulingtianxia/blockhook | A tool that intercepts and modifies Objective-C blocks at runtime. | 844 |
 mr-un1k0d3r/cookie-and-handle-stealer | A tool for extracting browser master keys to decrypt user cookies | 164 |
 bbva/kapow | An HTTP microframework allowing developers to easily expose scripts as APIs and restrict execution. | 612 |