Skip to content

Instantly share code, notes, and snippets.

@susMdT
susMdT / Program.cs
Created February 24, 2023 02:57
C# Amsi bypass with hardware breakpint
using System;
using System.Collections.Generic;
using System.Linq;
using System.Runtime.CompilerServices;
using System.Net;
using System.Reflection;
using System.Runtime.InteropServices;
namespace Test
{
// CCOB IS THE GOAT
@bats3c
bats3c / ldrloaddll_hook.c
Last active October 20, 2024 10:39
Hook LdrLoadDll to whitelist DLLs being loaded into a process
#include <stdio.h>
#include <windows.h>
#include <winternl.h>
#define dwAllowDllCount 1
CHAR cAllowDlls[dwAllowDllCount][MAX_PATH] = {
"W:\\allowed.dll"
};
VOID HookLoadDll(LPVOID lpAddr);