├── LICENSE
└── Ntdll Unhooking
    ├── 1 - Unhooking NTDLL from disk
        ├── 1 - Unhooking Ntdll from disk MAC Shellcode
        │   ├── UnhookingNtdll_disk.cpp
        │   ├── UnhookingNtdll_disk.sln
        │   ├── UnhookingNtdll_disk.vcxproj
        │   ├── UnhookingNtdll_disk.vcxproj.filters
        │   └── UnhookingNtdll_disk.vcxproj.user
        ├── bin2mac.py
        └── calc.bin
    ├── 2 - Unhooking NTDLL from KnownDlls
        ├── UnhookingKnownDlls
        │   ├── Resource.aps
        │   ├── Resource.rc
        │   ├── UnhookingKnownDlls.cpp
        │   ├── UnhookingKnownDlls.sln
        │   ├── UnhookingKnownDlls.vcxproj
        │   ├── UnhookingKnownDlls.vcxproj.filters
        │   ├── UnhookingKnownDlls.vcxproj.user
        │   └── resource.h
        ├── bin2mac.py
        └── calc.bin
    ├── 3 - Unhooking NTDLL from Suspended Process
        ├── Ntdll_SusProcess
        │   ├── Ntdll_SusProcess.cpp
        │   ├── Ntdll_SusProcess.sln
        │   ├── Ntdll_SusProcess.vcxproj
        │   ├── Ntdll_SusProcess.vcxproj.filters
        │   └── Ntdll_SusProcess.vcxproj.user
        ├── bin2mac.py
        └── calc.bin
    └── 4 - Unhooking NTDLL from remote server (fileless)
        ├── RemoteNTDLL
            ├── RemoteNTDLL.cpp
            ├── RemoteNTDLL.sln
            ├── RemoteNTDLL.vcxproj
            ├── RemoteNTDLL.vcxproj.filters
            └── RemoteNTDLL.vcxproj.user
        ├── bin2mac.py
        └── calc.bin


/LICENSE:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SaadAhla/ntdlll-unhooking-collection/HEAD/LICENSE


--------------------------------------------------------------------------------
/Ntdll Unhooking/1 - Unhooking NTDLL from disk/1 - Unhooking Ntdll from disk MAC Shellcode/UnhookingNtdll_disk.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SaadAhla/ntdlll-unhooking-collection/HEAD/Ntdll Unhooking/1 - Unhooking NTDLL from disk/1 - Unhooking Ntdll from disk MAC Shellcode/UnhookingNtdll_disk.cpp


--------------------------------------------------------------------------------
/Ntdll Unhooking/1 - Unhooking NTDLL from disk/1 - Unhooking Ntdll from disk MAC Shellcode/UnhookingNtdll_disk.sln:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SaadAhla/ntdlll-unhooking-collection/HEAD/Ntdll Unhooking/1 - Unhooking NTDLL from disk/1 - Unhooking Ntdll from disk MAC Shellcode/UnhookingNtdll_disk.sln


--------------------------------------------------------------------------------
/Ntdll Unhooking/1 - Unhooking NTDLL from disk/1 - Unhooking Ntdll from disk MAC Shellcode/UnhookingNtdll_disk.vcxproj:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SaadAhla/ntdlll-unhooking-collection/HEAD/Ntdll Unhooking/1 - Unhooking NTDLL from disk/1 - Unhooking Ntdll from disk MAC Shellcode/UnhookingNtdll_disk.vcxproj


--------------------------------------------------------------------------------
/Ntdll Unhooking/1 - Unhooking NTDLL from disk/1 - Unhooking Ntdll from disk MAC Shellcode/UnhookingNtdll_disk.vcxproj.filters:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SaadAhla/ntdlll-unhooking-collection/HEAD/Ntdll Unhooking/1 - Unhooking NTDLL from disk/1 - Unhooking Ntdll from disk MAC Shellcode/UnhookingNtdll_disk.vcxproj.filters


--------------------------------------------------------------------------------
/Ntdll Unhooking/1 - Unhooking NTDLL from disk/1 - Unhooking Ntdll from disk MAC Shellcode/UnhookingNtdll_disk.vcxproj.user:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SaadAhla/ntdlll-unhooking-collection/HEAD/Ntdll Unhooking/1 - Unhooking NTDLL from disk/1 - Unhooking Ntdll from disk MAC Shellcode/UnhookingNtdll_disk.vcxproj.user


--------------------------------------------------------------------------------
/Ntdll Unhooking/1 - Unhooking NTDLL from disk/bin2mac.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SaadAhla/ntdlll-unhooking-collection/HEAD/Ntdll Unhooking/1 - Unhooking NTDLL from disk/bin2mac.py


--------------------------------------------------------------------------------
/Ntdll Unhooking/1 - Unhooking NTDLL from disk/calc.bin:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SaadAhla/ntdlll-unhooking-collection/HEAD/Ntdll Unhooking/1 - Unhooking NTDLL from disk/calc.bin


--------------------------------------------------------------------------------
/Ntdll Unhooking/2 - Unhooking NTDLL from KnownDlls/UnhookingKnownDlls/Resource.aps:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SaadAhla/ntdlll-unhooking-collection/HEAD/Ntdll Unhooking/2 - Unhooking NTDLL from KnownDlls/UnhookingKnownDlls/Resource.aps


--------------------------------------------------------------------------------
/Ntdll Unhooking/2 - Unhooking NTDLL from KnownDlls/UnhookingKnownDlls/Resource.rc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SaadAhla/ntdlll-unhooking-collection/HEAD/Ntdll Unhooking/2 - Unhooking NTDLL from KnownDlls/UnhookingKnownDlls/Resource.rc


--------------------------------------------------------------------------------
/Ntdll Unhooking/2 - Unhooking NTDLL from KnownDlls/UnhookingKnownDlls/UnhookingKnownDlls.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SaadAhla/ntdlll-unhooking-collection/HEAD/Ntdll Unhooking/2 - Unhooking NTDLL from KnownDlls/UnhookingKnownDlls/UnhookingKnownDlls.cpp


--------------------------------------------------------------------------------
/Ntdll Unhooking/2 - Unhooking NTDLL from KnownDlls/UnhookingKnownDlls/UnhookingKnownDlls.sln:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SaadAhla/ntdlll-unhooking-collection/HEAD/Ntdll Unhooking/2 - Unhooking NTDLL from KnownDlls/UnhookingKnownDlls/UnhookingKnownDlls.sln


--------------------------------------------------------------------------------
/Ntdll Unhooking/2 - Unhooking NTDLL from KnownDlls/UnhookingKnownDlls/UnhookingKnownDlls.vcxproj:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SaadAhla/ntdlll-unhooking-collection/HEAD/Ntdll Unhooking/2 - Unhooking NTDLL from KnownDlls/UnhookingKnownDlls/UnhookingKnownDlls.vcxproj


--------------------------------------------------------------------------------
/Ntdll Unhooking/2 - Unhooking NTDLL from KnownDlls/UnhookingKnownDlls/UnhookingKnownDlls.vcxproj.filters:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SaadAhla/ntdlll-unhooking-collection/HEAD/Ntdll Unhooking/2 - Unhooking NTDLL from KnownDlls/UnhookingKnownDlls/UnhookingKnownDlls.vcxproj.filters


--------------------------------------------------------------------------------
/Ntdll Unhooking/2 - Unhooking NTDLL from KnownDlls/UnhookingKnownDlls/UnhookingKnownDlls.vcxproj.user:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SaadAhla/ntdlll-unhooking-collection/HEAD/Ntdll Unhooking/2 - Unhooking NTDLL from KnownDlls/UnhookingKnownDlls/UnhookingKnownDlls.vcxproj.user


--------------------------------------------------------------------------------
/Ntdll Unhooking/2 - Unhooking NTDLL from KnownDlls/UnhookingKnownDlls/resource.h:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SaadAhla/ntdlll-unhooking-collection/HEAD/Ntdll Unhooking/2 - Unhooking NTDLL from KnownDlls/UnhookingKnownDlls/resource.h


--------------------------------------------------------------------------------
/Ntdll Unhooking/2 - Unhooking NTDLL from KnownDlls/bin2mac.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SaadAhla/ntdlll-unhooking-collection/HEAD/Ntdll Unhooking/2 - Unhooking NTDLL from KnownDlls/bin2mac.py


--------------------------------------------------------------------------------
/Ntdll Unhooking/2 - Unhooking NTDLL from KnownDlls/calc.bin:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SaadAhla/ntdlll-unhooking-collection/HEAD/Ntdll Unhooking/2 - Unhooking NTDLL from KnownDlls/calc.bin


--------------------------------------------------------------------------------
/Ntdll Unhooking/3 - Unhooking NTDLL from Suspended Process/Ntdll_SusProcess/Ntdll_SusProcess.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SaadAhla/ntdlll-unhooking-collection/HEAD/Ntdll Unhooking/3 - Unhooking NTDLL from Suspended Process/Ntdll_SusProcess/Ntdll_SusProcess.cpp


--------------------------------------------------------------------------------
/Ntdll Unhooking/3 - Unhooking NTDLL from Suspended Process/Ntdll_SusProcess/Ntdll_SusProcess.sln:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SaadAhla/ntdlll-unhooking-collection/HEAD/Ntdll Unhooking/3 - Unhooking NTDLL from Suspended Process/Ntdll_SusProcess/Ntdll_SusProcess.sln


--------------------------------------------------------------------------------
/Ntdll Unhooking/3 - Unhooking NTDLL from Suspended Process/Ntdll_SusProcess/Ntdll_SusProcess.vcxproj:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SaadAhla/ntdlll-unhooking-collection/HEAD/Ntdll Unhooking/3 - Unhooking NTDLL from Suspended Process/Ntdll_SusProcess/Ntdll_SusProcess.vcxproj


--------------------------------------------------------------------------------
/Ntdll Unhooking/3 - Unhooking NTDLL from Suspended Process/Ntdll_SusProcess/Ntdll_SusProcess.vcxproj.filters:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SaadAhla/ntdlll-unhooking-collection/HEAD/Ntdll Unhooking/3 - Unhooking NTDLL from Suspended Process/Ntdll_SusProcess/Ntdll_SusProcess.vcxproj.filters


--------------------------------------------------------------------------------
/Ntdll Unhooking/3 - Unhooking NTDLL from Suspended Process/Ntdll_SusProcess/Ntdll_SusProcess.vcxproj.user:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SaadAhla/ntdlll-unhooking-collection/HEAD/Ntdll Unhooking/3 - Unhooking NTDLL from Suspended Process/Ntdll_SusProcess/Ntdll_SusProcess.vcxproj.user


--------------------------------------------------------------------------------
/Ntdll Unhooking/3 - Unhooking NTDLL from Suspended Process/bin2mac.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SaadAhla/ntdlll-unhooking-collection/HEAD/Ntdll Unhooking/3 - Unhooking NTDLL from Suspended Process/bin2mac.py


--------------------------------------------------------------------------------
/Ntdll Unhooking/3 - Unhooking NTDLL from Suspended Process/calc.bin:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SaadAhla/ntdlll-unhooking-collection/HEAD/Ntdll Unhooking/3 - Unhooking NTDLL from Suspended Process/calc.bin


--------------------------------------------------------------------------------
/Ntdll Unhooking/4 - Unhooking NTDLL from remote server (fileless)/RemoteNTDLL/RemoteNTDLL.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SaadAhla/ntdlll-unhooking-collection/HEAD/Ntdll Unhooking/4 - Unhooking NTDLL from remote server (fileless)/RemoteNTDLL/RemoteNTDLL.cpp


--------------------------------------------------------------------------------
/Ntdll Unhooking/4 - Unhooking NTDLL from remote server (fileless)/RemoteNTDLL/RemoteNTDLL.sln:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SaadAhla/ntdlll-unhooking-collection/HEAD/Ntdll Unhooking/4 - Unhooking NTDLL from remote server (fileless)/RemoteNTDLL/RemoteNTDLL.sln


--------------------------------------------------------------------------------
/Ntdll Unhooking/4 - Unhooking NTDLL from remote server (fileless)/RemoteNTDLL/RemoteNTDLL.vcxproj:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SaadAhla/ntdlll-unhooking-collection/HEAD/Ntdll Unhooking/4 - Unhooking NTDLL from remote server (fileless)/RemoteNTDLL/RemoteNTDLL.vcxproj


--------------------------------------------------------------------------------
/Ntdll Unhooking/4 - Unhooking NTDLL from remote server (fileless)/RemoteNTDLL/RemoteNTDLL.vcxproj.filters:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SaadAhla/ntdlll-unhooking-collection/HEAD/Ntdll Unhooking/4 - Unhooking NTDLL from remote server (fileless)/RemoteNTDLL/RemoteNTDLL.vcxproj.filters


--------------------------------------------------------------------------------
/Ntdll Unhooking/4 - Unhooking NTDLL from remote server (fileless)/RemoteNTDLL/RemoteNTDLL.vcxproj.user:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SaadAhla/ntdlll-unhooking-collection/HEAD/Ntdll Unhooking/4 - Unhooking NTDLL from remote server (fileless)/RemoteNTDLL/RemoteNTDLL.vcxproj.user


--------------------------------------------------------------------------------
/Ntdll Unhooking/4 - Unhooking NTDLL from remote server (fileless)/bin2mac.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SaadAhla/ntdlll-unhooking-collection/HEAD/Ntdll Unhooking/4 - Unhooking NTDLL from remote server (fileless)/bin2mac.py


--------------------------------------------------------------------------------
/Ntdll Unhooking/4 - Unhooking NTDLL from remote server (fileless)/calc.bin:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SaadAhla/ntdlll-unhooking-collection/HEAD/Ntdll Unhooking/4 - Unhooking NTDLL from remote server (fileless)/calc.bin


--------------------------------------------------------------------------------