Use NT Native Registry API to create a registry that normal user can not query.
☆94Dec 7, 2017Updated 8 years ago
Alternatives and similar repositories for HiddenNtRegistry
Users that are interested in HiddenNtRegistry are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A truly Position Independent Code (PIC) NimPlant C2 beacon written in C, without reflective loading.☆67Feb 11, 2025Updated last year
- A Rust PoC implementation of the Early Bird process hollowing technique, inspired by https://github.com/boku7/HOLLOW.☆31Feb 7, 2025Updated last year
- Dll injection through code page id modification in registry. Based on jonas lykk research☆17Jun 18, 2022Updated 3 years ago
- ☆24Jul 24, 2020Updated 5 years ago
- Submission, compilation and execution of C# code snippets, using an unmanaged CLR Host☆53Jan 29, 2015Updated 11 years ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- Windows hidden thread suspend POC with code injection☆12May 27, 2017Updated 8 years ago
- ☆17Mar 3, 2016Updated 10 years ago
- PowerShell script to bypass UAC using DCCW☆19Jul 29, 2017Updated 8 years ago
- Terms of Use Conditional Access M365 Evilginx Phishlet☆44Jun 23, 2025Updated 9 months ago
- This tool will extract the opcodes from the .text section and display in different hex formats for different syntaxes. Works only with va…☆16Feb 9, 2016Updated 10 years ago
- A C++ proof of concept demonstrating the exploitation of Windows Protected Process Light (PPL) by leveraging COM-to-.NET redirection and …☆335Mar 6, 2025Updated last year
- New handle stealing technique for windows apps☆14Oct 6, 2017Updated 8 years ago
- How to bypass AMSI (Antimalware Scan Interface) in PowerShell/C++ by dynamically patching the AmsiScanBuffer function.☆26Apr 21, 2025Updated 11 months ago
- A remote process injection using process snapshotting based on https://gitlab.com/ORCA000/snaploader , in rust. It creates a sacrificial …☆50Jan 25, 2025Updated last year
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- C++ wrapper for the Windows structured storage implementation known as Compound Files☆20Aug 30, 2020Updated 5 years ago
- A tool similar to netcat, but tunneled over DNS☆18Mar 10, 2017Updated 9 years ago
- Reverse engineering winapi function loadlibrary.☆240Apr 17, 2023Updated 2 years ago
- Https中间人劫持验证性库☆17Mar 12, 2017Updated 9 years ago
- A Mythic Agent written in PIC C.☆205Feb 4, 2025Updated last year
- Cortex EDR Ransomware protection Bypass☆27Feb 8, 2025Updated last year
- Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.☆105Feb 25, 2025Updated last year
- TypeLib persistence technique☆141Oct 22, 2024Updated last year
- RunPE dump - I wrote this to have better control over the analysis of malwares. I can stop and analysis malware when it uses some of the …☆10Jul 1, 2015Updated 10 years ago
- Bare Metal GPUs on DigitalOcean Gradient AI • AdPurpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…☆283Sep 18, 2024Updated last year
- Cobaltstrike Reflective Loader with Synthetic Stackframe☆189Jan 17, 2026Updated 2 months ago
- Shellcode Loader Utilizing ETW Events☆66Feb 26, 2025Updated last year
- Host CLR and run .NET binaries using Rust☆153Dec 23, 2025Updated 3 months ago
- In-memory hiding technique☆63Jan 5, 2025Updated last year
- Collection of red team techniques.☆69Apr 25, 2025Updated 11 months ago
- Dynamically resolve API function addresses at runtime in a secure manner.☆73Nov 11, 2025Updated 4 months ago
- ☆16Nov 10, 2015Updated 10 years ago
- Execute shellcode via Bluetooth device authentication☆41Feb 19, 2025Updated last year
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
- GPOAnalyzer is a tool designed to assist in parsing domain Group Policy Object (GPO) files located in the SYSVOL directory.☆28Jun 14, 2024Updated last year
- A version of NetLoader, Execute Assemblies and Bypass ETW and AMSI using Hardware Breakpoints☆125Jul 11, 2025Updated 8 months ago
- "Service-less" driver loading☆184Nov 28, 2024Updated last year
- PoC of BOOST-ed _EPROCESS.VadRoot iterating☆27May 21, 2014Updated 11 years ago
- .NET assembly loader with patchless AMSI and ETW bypass☆374Apr 19, 2023Updated 2 years ago
- Maintain Windows Persistence with an evil Netshell Helper DLL☆12Jul 28, 2018Updated 7 years ago
- PoC: process watcher patterns to make killing a process hard.☆11Aug 1, 2018Updated 7 years ago