A fully compatible replacement of Windows NT NtCreateLowBoxToken syscall - precisely restored from reverse engineering
☆43Jun 10, 2025Updated 9 months ago
Alternatives and similar repositories for NtCreateLowBoxToken
Users that are interested in NtCreateLowBoxToken are comparing it to the libraries listed below
Sorting:
- ☆12Mar 28, 2022Updated 3 years ago
- A C++ proof of concept demonstrating the exploitation of Windows Protected Process Light (PPL) by leveraging COM-to-.NET redirection and …☆335Mar 6, 2025Updated last year
- WinAPI Hook to allow WinUI 3 running in UWP environment☆23Nov 7, 2023Updated 2 years ago
- Remove WPP calls from hexrays decompiled code☆56Jan 31, 2026Updated last month
- Folder Or File Delete to Get System Shell on Current Session Desktop☆47Jan 14, 2025Updated last year
- ACL Viewer for Windows☆133May 4, 2025Updated 10 months ago
- Emulate Drivers in RING3 with self context mapping or unicorn☆21Jan 1, 2025Updated last year
- Windows Mobile Emulator source code that MS released. Modified to work with VS2022.☆16Mar 11, 2023Updated 3 years ago
- ☆22Jan 15, 2025Updated last year
- 对Windbg以Exdi模式下调试windows做一些修复☆21Aug 25, 2023Updated 2 years ago
- POC for CVE-2023-29360☆12Aug 31, 2024Updated last year
- ☆30Oct 13, 2020Updated 5 years ago
- ☆33Jan 23, 2025Updated last year
- ☆21Feb 18, 2025Updated last year
- UWP Storage layer that help to deal with storage by string path just like Win32 methods☆13May 16, 2025Updated 10 months ago
- silence file system monitoring components by hooking their minifilters☆61Jan 31, 2024Updated 2 years ago
- ☆14Feb 4, 2023Updated 3 years ago
- Windows kernel driver that detects hypervisors by probing SIDT/LIDT edge cases, paging/TLB behaviors, privilege transitions, and timing e…☆37Mar 3, 2026Updated 2 weeks ago
- A Practical example of ELAM (Early Launch Anti-Malware)☆36Nov 12, 2021Updated 4 years ago
- Panda - is a set of utilities used to research how PsExec encrypts its traffic.☆12Apr 20, 2021Updated 4 years ago
- (No longer maintained) An in-development Virtual Machine client for UWP☆16Jan 29, 2024Updated 2 years ago
- A simple rpc2socks alternative in pure Go.☆31Jul 8, 2024Updated last year
- Generate a PDB file given the old PDB file and an address mapping☆53Aug 3, 2025Updated 7 months ago
- 一款基于James Forshaw的.NET Remoting反序列化工具升级版在TypeFilterLevel.Low模式无文件payload任意代码执行poc的开发心得☆48Jan 23, 2025Updated last year
- Escape macOS Sandbox using sharedfilelistd exploit☆63Jun 28, 2025Updated 8 months ago
- AppX RPC Local Privilege Escalation - Windows 10/11☆92Feb 7, 2024Updated 2 years ago
- Flow Frame is a new and improved Frame control. This builds upon the default frame control by providing high-performance page transition …☆16Jan 5, 2024Updated 2 years ago
- .NET Native but with CoreRT's ILCompiler☆28Feb 29, 2024Updated 2 years ago
- anti-ransomware file-system filter☆69Sep 3, 2024Updated last year
- Just tried, unusable☆52Oct 23, 2024Updated last year
- A basic Secure Virtual Machine hypervisor☆27Feb 25, 2021Updated 5 years ago
- ☆26Dec 29, 2021Updated 4 years ago
- XPN's RpcEnum but based on IDA instead of Ghidra☆21Aug 17, 2019Updated 6 years ago
- UWP app with MinGW-w64☆16Feb 11, 2025Updated last year
- A POC for Windows Extension Host hooking☆24Jul 13, 2019Updated 6 years ago
- Create a performant WinUI application with Uwp and CoreWindow and run as full-trust win32☆19Mar 21, 2025Updated 11 months ago
- An example of an external LLVM plugin module transform pass for the latest versions.☆14Oct 21, 2025Updated 4 months ago
- Slides for COM Hijacking AV/EDR Talk on 38c3☆75Jan 3, 2025Updated last year
- Procmonel is Procmon like monitoring system implemented using Microsoft WDK☆13Dec 25, 2019Updated 6 years ago