0mWindyBug / FileHide

Related projects: ⓘ

• 0mWindyBug / KeystrokeSniffer
  a windows kernel keylogger that works
  ☆19Updated 7 months ago
• 0mWindyBug / MinifilterHook
  silence file system monitoring components by hooking their minifilters
  ☆49Updated 7 months ago
• Rhydon1337 / windows-kernel-process-protector
  Protect a process from code injection, termination and hooking
  ☆33Updated 3 years ago
• zodiacon / WinEventHooks
  SetWinEventHook Sample
  ☆40Updated 11 months ago
• rogxo / HideProcess
  HideProcess
  ☆11Updated last year
• ByteWhite1x1 / PatchGuardResearch
  Bypassing kernel patch protection runtime
  ☆19Updated last year
• SamuelTulach / EvilKaspersky
  ☆19Updated 7 months ago
• 1hAck-0 / zeroimport
  ZeroImport is a lightweight and easy to use C++ library for Windows Kernel Drivers. It allows you to hide any import in your kernel drive…
  ☆44Updated last year
• Lima-X / Win32.Nebula
  A packed & protected Module Loader and more, for 64-bit Windows
  ☆28Updated 3 years ago
• hugsy / shared-kernel-user-section-driver
  Experiment to use sections as User/Kernelmode comm vector
  ☆20Updated last year
• je5442804 / NtCreateUserProcess-Post
  NtCreateUserProcess with CsrClientCallServer for mainstream Windows x64 version
  ☆19Updated 2 months ago
• rbmm / LIB
  ☆7Updated last week
• Cesusius / Dse-Patcher
  Patches DSE by swapping both data ptrs located in SeValidateImageHeader && SeValidateImageData
  ☆19Updated 7 months ago
• SweetIceLolly / Prevent_File_Deletion
  Record & prevent file deletion in kernel mode
  ☆39Updated 4 years ago
• NotRequiem / antidbg
  C/C++ antidebugging library for 32 and 64 bit processors
  ☆10Updated 2 months ago
• backengineering / msrexec
  Elevate arbitrary MSR writes to kernel execution.
  ☆16Updated last year
• kkent030315 / EvilHooker
  Function hooks in Windows NT Kernel
  ☆21Updated 3 years ago
• Broihon / ProcessInfo
  A class to gather information about a process, its threads and modules.
  ☆23Updated 4 years ago
• 0mWindyBug / KernelInjector
  PoC kernel to usermode injection
  ☆48Updated 6 months ago
• 0mWindyBug / WFPCalloutReserach
  research revolving the windows filtering platform callout mechanism
  ☆20Updated 3 months ago
• crvvdev / intraceptor
  Intraceptor intercept Windows NT API calls and redirect them to a kernel driver to bypass process/threads handle protections.
  ☆27Updated 2 years ago
• UCFoxi / NotifyRoutineHijackThread
  Hijack NotifyRoutine for a kernelmode thread
  ☆40Updated 2 years ago
• byte2mov / anti-process
  stop any process from looking into your process by hooking.
  ☆16Updated 5 months ago
• ch3rn0byl / CVE-2021-21551
  ☆24Updated 3 years ago
• Y33Tcoder / EventSyncDriver
  Manually Mapped Windows Kernel Driver + Usermode API for Arbitrary R/W to UM process via a UM thread trapped in kernel, synchronized with…
  ☆13Updated 3 years ago
• emlinhax / DbgViewEx
  combine the power of procmon and dbgview into one single application
  ☆8Updated 7 months ago
• hasherezade / sig_finder
  Signature finder (from PE-bear)
  ☆29Updated 3 months ago
• Lima-X / XOrCryptEx
  XOrCryptEx lightweight C Utility/Algorithm
  ☆11Updated 2 years ago
• lennyRBLX / ret_addr_spoofer
  Compileable POC of namazso's x64 return address spoofer.
  ☆46Updated 4 years ago
• nelfo / PGHooker
  PAGE_GUARD based hooking library
  ☆38Updated 2 years ago