# 2. Userland Hooks

- [1. What are userland hooks?](/evasion/edr-bypass/2.-userland-hooks/1.-what-are-userland-hooks.md): #EDREvasion #UserlandHooks
- [2. Load a fresh copy of the dll from disk](/evasion/edr-bypass/2.-userland-hooks/2.-load-a-fresh-copy-of-the-dll-from-disk.md): #EDREvasion #UserlandHooks #unhook
- [3. Programmatically detect ntdll hooks](/evasion/edr-bypass/2.-userland-hooks/3.-programmatically-detect-ntdll-hooks.md): #EDREvasion #UserlandHooks #unhook
- [4. Direct and Indirect Syscalls (shellcode runner)](/evasion/edr-bypass/2.-userland-hooks/4.-direct-and-indirect-syscalls-shellcode-runner.md): #syscalls #directsyscalls #indirectsyscalls #Golang #EDREvasion