0x00Jeff / BetterGetProcAddress
POC of a better implementation of GetProcAddress for ntdll using binary search
☆93 Updated 5 months ago
Related projects:
- A kernel vulnerability used to achieve arbitrary read-write on Windows prior to July 2022 ☆103 Updated last year
- Bypass Malware Time Delays ☆96 Updated last year
- x86 Trampoline Hook ☆36 Updated 2 years ago
- Minifilter Callback Patching Proof-of-Concept ☆59 Updated last year
- Enable / Disable LSA Protection via BYOVD ☆61 Updated 2 years ago
- Files for http://blog.deniable.org/posts/windows-callbacks/ ☆67 Updated 2 years ago
- PoC: Rebuild A New Path Back to the Heaven's Gate (HITB 2021) ☆100 Updated 3 years ago
- ZwProcessHollowing is a x64 process hollowing project which uses direct systemcalls, dll unhooking and RC4 payload decryption ☆79 Updated last year
- Single stub direct and indirect syscalling with runtime SSN resolving for windows. ☆126 Updated 2 years ago
- Next gen process injection technique ☆41 Updated 4 years ago
- Experiment on reproducing Obfuscate & Sleep ☆136 Updated 3 years ago
- Interceptor is a kernel driver focused on tampering with EDR/AV solutions in kernel space ☆120 Updated last year
- 64bit Windows 10 shellcode dat pops dat calc - Dynamic & Null Free ☆55 Updated last year
- a library that automates some clean syscalls to make it easier to implement ☆80 Updated last year
- vulnerability in zam64.sys, zam32.sys allowing ring 0 code execution. CVE-2021-31727 and CVE-2021-31728 public reference. ☆88 Updated 3 years ago
- LdrLoadDll Unhooking ☆114 Updated 2 years ago
- Windows PE - TLS (Thread Local Storage) Injector in C/C++ ☆102 Updated 3 years ago
- A small tool I made to dump the export table of PE files. The primary use case was intended for use within DLL proxying. ☆66 Updated 2 years ago
- A novel technique to communicate between threads using the standard ETHREAD structure ☆108 Updated 3 years ago
- Implementation of an export address table protection mitigation, like Export Address Filtering (EAF) ☆91 Updated last year
- Finding Truth in the Shadows ☆81 Updated last year
- Overwrite a process's recovery callback and execute with WER ☆100 Updated 2 years ago
- Simple project using syscalls (via Syswhispers2) to execute MessageBox shellcode. ☆72 Updated 2 years ago
- Small PoC of using a Microsoft signed executable as a lolbin. ☆131 Updated last year
- A Poc on blocking Procmon from monitoring network events ☆96 Updated 2 years ago