unhooking

Pure-Go offensive-security primitives library: syscalls, evasion (AMSI/ETW/unhook/sleepmask), injection, PE packer, credentials, post-ex, C2. MITRE ATT&CK mapped. Authorized research only.

Updated May 22, 2026
Go

Kara-4search / FullDLLUnhooking_CSharp

Star

Unhook DLL via cleaning the DLL 's .text section

csharp bypass bypass-av bypass-antivirus charp ntdll redteam edr bypass- unhooking bypassedr edr-evasion apiunhook

Updated Sep 7, 2021
C#

Plxsmarex / SysInject

Star

Bypassing all EDR hooks while maintaining the cleanest callstack of all time with proxy calls and an exception handler.

Updated Apr 5, 2026
C

DispatchCode / bitdefender-ntdll-hook-bypass

Star

AV (BitDefender) function un-hook in C

c x86-64 x86 av disassembly hooking bitdefender unhooking

Updated Aug 27, 2022
C

fern89 / sysbootstrap

Star

Full IAT unhooking of all ntdll functions called from kernel32

windows syscalls unhooking

Updated Jan 16, 2024
C

0xbekoo / SSDT-Unhooking

Star

This project demonstrates simply a ssdt unhooking technique via NtLoadDriver routine in Windows 11 X64.

windows malware driver windows-kernel ssdt ssdt-hook unhooking ssdt-unhooking

Updated Sep 8, 2025
C

Improve this page

Add a description, image, and links to the unhooking topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with the unhooking topic, visit your repo's landing page and select "manage topics."

Learn more

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

unhooking

Here are 10 public repositories matching this topic...

zimnyaa / noWatch

ars3n11 / MineSweeper

CodeXTF2 / evasion-adventures-files

PaulNorman01 / Dynamizer

oioio-space / maldev

Kara-4search / FullDLLUnhooking_CSharp

Plxsmarex / SysInject

DispatchCode / bitdefender-ntdll-hook-bypass

fern89 / sysbootstrap

0xbekoo / SSDT-Unhooking

Improve this page

Add this topic to your repo