ntdll-unhooking topic

Bypass the Event Trace Windows(ETW) and unhook ntdll.

unkvolism

A Dropper POC with a focus on aiding in EDR evasion, NTDLL Unhooking followed by loading ntdll in-memory, which is present as shellcode (using pe2shc by @hasherezade). Payload encryption via SystemFuc...

reveng007

Inline syscalls made for MSVC supporting x64 and WOW64

nbs32k