3gstudent / HiddenNtRegistryView external linksLinks
Use NT Native Registry API to create a registry that normal user can not query.
☆94Dec 7, 2017Updated 8 years ago
Alternatives and similar repositories for HiddenNtRegistry
Users that are interested in HiddenNtRegistry are comparing it to the libraries listed below
Sorting:
- ☆17Mar 3, 2016Updated 9 years ago
- Submission, compilation and execution of C# code snippets, using an unmanaged CLR Host☆53Jan 29, 2015Updated 11 years ago
- Dll injection through code page id modification in registry. Based on jonas lykk research☆17Jun 18, 2022Updated 3 years ago
- PowerShell script to bypass UAC using DCCW☆19Jul 29, 2017Updated 8 years ago
- ☆24Jul 24, 2020Updated 5 years ago
- New handle stealing technique for windows apps☆14Oct 6, 2017Updated 8 years ago
- Windows hidden thread suspend POC with code injection☆12May 27, 2017Updated 8 years ago
- PoC of BOOST-ed _EPROCESS.VadRoot iterating☆27May 21, 2014Updated 11 years ago
- This tool will extract the opcodes from the .text section and display in different hex formats for different syntaxes. Works only with va…☆16Feb 9, 2016Updated 10 years ago
- A tool similar to netcat, but tunneled over DNS☆18Mar 10, 2017Updated 8 years ago
- Terms of Use Conditional Access M365 Evilginx Phishlet☆44Jun 23, 2025Updated 7 months ago
- A truly Position Independent Code (PIC) NimPlant C2 beacon written in C, without reflective loading.☆66Feb 11, 2025Updated last year
- C++ wrapper for the Windows structured storage implementation known as Compound Files☆20Aug 30, 2020Updated 5 years ago
- windows net program☆13Oct 16, 2014Updated 11 years ago
- Securing Data Analytics on Intel SGX using Randomization☆13Aug 30, 2017Updated 8 years ago
- A Rust PoC implementation of the Early Bird process hollowing technique, inspired by https://github.com/boku7/HOLLOW.☆30Feb 7, 2025Updated last year
- A remote process injection using process snapshotting based on https://gitlab.com/ORCA000/snaploader , in rust. It creates a sacrificial …☆50Jan 25, 2025Updated last year
- A C++ proof of concept demonstrating the exploitation of Windows Protected Process Light (PPL) by leveraging COM-to-.NET redirection and …☆332Mar 6, 2025Updated 11 months ago
- Hyper-V virtual switch packet capturing extension with libpcap / Wireshark format☆13Jun 3, 2014Updated 11 years ago
- ☆16Nov 10, 2015Updated 10 years ago
- Collection of my test rules and Submissions to Emerging-Sigs☆11Apr 22, 2016Updated 9 years ago
- Reverse engineering winapi function loadlibrary.☆232Apr 17, 2023Updated 2 years ago
- Hook IDT vector 0xb2 to detect SCI in 64bit windows.☆34Aug 27, 2022Updated 3 years ago
- ☆22Jul 7, 2017Updated 8 years ago
- Hyper-V sockets☆29Sep 11, 2017Updated 8 years ago
- Https中间人劫持验证性库☆17Mar 12, 2017Updated 8 years ago
- Windows Minifilter driver that redirects any I/O Request of mp3 files to a target file☆18Jul 7, 2015Updated 10 years ago
- ☆14Oct 19, 2016Updated 9 years ago
- A Win32 logger based on DebugView & ETW.☆16Nov 15, 2017Updated 8 years ago
- Remote execution tool☆14Jan 14, 2014Updated 12 years ago
- spy windows ce API calls☆11Jun 3, 2014Updated 11 years ago
- RunPE dump - I wrote this to have better control over the analysis of malwares. I can stop and analysis malware when it uses some of the …☆10Jul 1, 2015Updated 10 years ago
- Lists work items being queued currently.☆14Jun 7, 2015Updated 10 years ago
- ☆13Jul 11, 2017Updated 8 years ago
- "Service-less" driver loading☆184Nov 28, 2024Updated last year
- Cobaltstrike Reflective Loader with Synthetic Stackframe☆182Jan 17, 2026Updated 3 weeks ago
- TypeLib persistence technique☆139Oct 22, 2024Updated last year
- A modern Rust implementation of the original Stardust project, providing a sophisticated 32/64-bit shellcode template that features posit…☆59Mar 17, 2025Updated 10 months ago
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…☆280Sep 18, 2024Updated last year