0mWindyBug / FileHide
filter driver to hide files and directories
☆12Updated 7 months ago
Related projects: ⓘ
- a windows kernel keylogger that works☆19Updated 7 months ago
- silence file system monitoring components by hooking their minifilters☆49Updated 7 months ago
- Protect a process from code injection, termination and hooking☆33Updated 3 years ago
- SetWinEventHook Sample☆40Updated 11 months ago
- HideProcess☆11Updated last year
- Bypassing kernel patch protection runtime☆19Updated last year
- ☆19Updated 7 months ago
- ZeroImport is a lightweight and easy to use C++ library for Windows Kernel Drivers. It allows you to hide any import in your kernel drive…☆44Updated last year
- A packed & protected Module Loader and more, for 64-bit Windows☆28Updated 3 years ago
- Experiment to use sections as User/Kernelmode comm vector☆20Updated last year
- NtCreateUserProcess with CsrClientCallServer for mainstream Windows x64 version☆19Updated 2 months ago
- ☆7Updated last week
- Patches DSE by swapping both data ptrs located in SeValidateImageHeader && SeValidateImageData☆19Updated 7 months ago
- Record & prevent file deletion in kernel mode☆39Updated 4 years ago
- C/C++ antidebugging library for 32 and 64 bit processors☆10Updated 2 months ago
- Elevate arbitrary MSR writes to kernel execution.☆16Updated last year
- Function hooks in Windows NT Kernel☆21Updated 3 years ago
- A class to gather information about a process, its threads and modules.☆23Updated 4 years ago
- PoC kernel to usermode injection☆48Updated 6 months ago
- research revolving the windows filtering platform callout mechanism☆20Updated 3 months ago
- Intraceptor intercept Windows NT API calls and redirect them to a kernel driver to bypass process/threads handle protections.☆27Updated 2 years ago
- Hijack NotifyRoutine for a kernelmode thread☆40Updated 2 years ago
- stop any process from looking into your process by hooking.☆16Updated 5 months ago
- ☆24Updated 3 years ago
- Manually Mapped Windows Kernel Driver + Usermode API for Arbitrary R/W to UM process via a UM thread trapped in kernel, synchronized with…☆13Updated 3 years ago
- combine the power of procmon and dbgview into one single application☆8Updated 7 months ago
- Signature finder (from PE-bear)☆29Updated 3 months ago
- XOrCryptEx lightweight C Utility/Algorithm☆11Updated 2 years ago
- Compileable POC of namazso's x64 return address spoofer.☆46Updated 4 years ago
- PAGE_GUARD based hooking library☆38Updated 2 years ago