360trev / PELoadFromRam
A very useful example of loading and relocating a Win32 DLL from memory (!), which opens up many possibilities and gives much more flexibility to dynamically link code from many sources, including real-time download from the web, and also code signing!
☆21 Updated 11 years ago
Related projects
Alternatives and complementary repositories for PELoadFromRam
- Kernel (Ring0) - SSDT unhook driver ☆13 Updated 6 years ago
- wow64 syscall filter ☆13 Updated 10 years ago
- Library which helps to describe or load and execute PE files. ☆12 Updated 11 years ago
- Simple plugin for the latest Olly versions to display the call stack ☆15 Updated 11 years ago
- TrueCrypt 7.2 — (Source Codes) ☆8 Updated 7 years ago
- eyuyan image rebuild tools source code ☆14 Updated 8 years ago
- An aggregate of tools used in the core of vmp_dbg plus other parsing utils to parse vmp bc. ☆15 Updated 8 years ago
- Packer for PE and ELF, 32 and 64bits. ☆22 Updated 11 years ago
- SSDT hook detection tool ☆12 Updated 8 years ago
- The project is a demo solution for one of the anti-rootkit techniques aimed at overcoming splicers ☆34 Updated 7 years ago
- metasploit loader with antivirus bypass module ☆17 Updated 8 years ago
- ☆13 Updated 7 years ago
- Malware monitor template based on MinHook ☆16 Updated 9 years ago
- Uses an SSDT hook to hide specified files or folders on Windows ☆26 Updated 3 years ago
- HTTP/HTTPS/DNS inspector (windows driver) ☆24 Updated 5 years ago
- Anti-Anti-Debugger Plugins ☆18 Updated 11 years ago
- A Proof-of-Concept win32 DLL that makes use of NetBIOS session token replay to propagate through a Windows Domain ☆24 Updated 6 years ago
- Pafish4vs is based on [Pafish](https://github.com/a0rtega/pafish), just ported to the VS (VC) compiler (X64, X86). ☆13 Updated 8 years ago
- Anti-AV compilation ☆42 Updated 11 years ago
- Simple PE packer with RtlCompressBuffer ☆21 Updated 9 years ago
- Windows registry files interactive viewer ☆9 Updated 7 years ago
- Native Development Kit for Vista 64bit And Later, by me, Based on NDK Headers 1.0, by Alex Ionescu ☆16 Updated 8 years ago
- Reversed EMET tool ☆24 Updated 12 years ago
- User-mode process cross-checking utility intended to detect naive malware hiding itself by hooking IAT/EAT. ☆18 Updated 8 years ago