A better way to write shell code
☆10May 28, 2021Updated 4 years ago
Alternatives and similar repositories for better-shellcode
Users that are interested in better-shellcode are comparing it to the libraries listed below
Sorting:
- ☆12Oct 12, 2021Updated 4 years ago
- Experiment to use sections as User/Kernelmode comm vector☆22Apr 7, 2023Updated 2 years ago
- A simple process query/manipulation tool using driver hooked system call. (2019)☆12Aug 30, 2021Updated 4 years ago
- Simple C tool to generate a C header file with an array of bytes of given file.☆11Jan 12, 2020Updated 6 years ago
- Windows Kernel API wrapper with simplified functions and enterprise driver extensions.☆33Jul 8, 2025Updated 7 months ago
- stack based buffer overflow in MsIo64.sys, Proof of Concept Local Privilege Escalation to nt authority/system☆12Jun 7, 2021Updated 4 years ago
- Walks through the 4-level paging structures in Windows x64☆13Feb 12, 2023Updated 3 years ago
- Server-side anti-wallhack solution utilizing GPU hardware-raytracing and mainly targeting competitive low-latency gaming. Can be configur…☆15Feb 15, 2026Updated last week
- A summary of NSO Group/Circles documents, research and media clippings.☆12Apr 13, 2024Updated last year
- A simple way to spoof return addresses using an exception handler☆43Aug 3, 2022Updated 3 years ago
- Register a callback from a Manually mapped kernel module☆16Feb 1, 2022Updated 4 years ago
- PoC exploit for HP Hardware Diagnostic's EtdSupp driver☆50May 13, 2023Updated 2 years ago
- UM-KM Communication using registry callbacks☆39Jun 8, 2020Updated 5 years ago
- Alternative in-game +left/+right commands for CS:GO & CS:S with customizable yawspeed☆19Nov 12, 2022Updated 3 years ago
- ☆59Jun 8, 2022Updated 3 years ago
- anti-cheat based on user-mode tricks and undocumented methods☆25Jul 16, 2017Updated 8 years ago
- Walks the Process' VAD list to grab the PTE's corresponding to a usermode virtual address, all to get the physical address☆23Nov 22, 2021Updated 4 years ago
- ☆19Apr 14, 2023Updated 2 years ago
- Open Course for diving security internal☆52Nov 11, 2019Updated 6 years ago
- A Simple Example☆23Nov 30, 2018Updated 7 years ago
- ☆34Aug 7, 2023Updated 2 years ago
- hidden_syscall - syscaller without using syscall instruction in code☆63Jan 23, 2023Updated 3 years ago
- "Bypassing" HVCI via donor PFN swaps to modify read-only code pages. Call chained kernel functions (kCET and SLAT support), modify read-o…☆87Feb 14, 2026Updated 2 weeks ago
- Debug Print viewer (user and kernel)☆72Feb 7, 2024Updated 2 years ago
- PTE hook☆35Jun 15, 2024Updated last year
- Overwatch Anti-Flag☆109Dec 7, 2023Updated 2 years ago
- Fully functional & encrypted chat-application.☆11Mar 28, 2024Updated last year
- Event Masker is a Splunk streaming command to mask event from search based on a list of rules that contain conditions.☆16Oct 11, 2022Updated 3 years ago
- Taking advantage of CRT initialization, to get away with hooking protected applications☆48Nov 2, 2022Updated 3 years ago
- SPI flash read MitM attack PoC☆40May 24, 2022Updated 3 years ago
- drvtriks kernel driver for Windows 7 SP1 and 8.1 x64, that tricks around in your system.☆34Oct 6, 2017Updated 8 years ago
- PareidoliaTriggerbot is a hypervisor-based, external Widowmaker triggerbot which uses the VivienneVMM and MouClassInputInjection projects…☆33Nov 3, 2019Updated 6 years ago
- A Windows API hooking library !☆31Aug 29, 2022Updated 3 years ago
- A set of Windows 10+/VS2022/C++14 tools for working with software modifications in two files (Detours.h, Detours.cpp).☆46Feb 1, 2026Updated 3 weeks ago
- Simulate SendInput with ClassService☆35Sep 5, 2018Updated 7 years ago
- Hypervisor-assisted internal League of Legends hack☆70Nov 14, 2020Updated 5 years ago
- Small utility DLL that loads and reloads a given DLL when it's updated on disk.☆47Sep 24, 2023Updated 2 years ago
- ☆37May 21, 2022Updated 3 years ago
- ☆39Jun 10, 2023Updated 2 years ago