There are 0 repository under ntdll-unhooking topic.
Inline syscalls made for MSVC supporting x64 and WOW64
A Dropper POC with a focus on aiding in EDR evasion, NTDLL Unhooking followed by loading ntdll in-memory, which is present as shellcode (using pe2shc by @hasherezade). Payload encryption via SystemFucntion033 NtApi and No new thread via Fiber
Overwrite ntdll.dll's ".text" section to bypass API hooking. Getting the clean dll from disk, Knowndlls folder, a debugged process or a URL