7eRoM / elam
A Practical example of ELAM (Early Launch Anti-Malware)
☆33Updated 3 years ago
Alternatives and similar repositories for elam:
Users that are interested in elam are comparing it to the libraries listed below
- ☆31Updated 4 years ago
- ☆24Updated last year
- ☆18Updated 3 years ago
- An example of COM hijacking using a proxy DLL.☆25Updated 3 years ago
- ☆27Updated 2 years ago
- Clone running process with ZwCreateProcess☆58Updated 4 years ago
- Extract data of TTD trace file to a minidump☆28Updated last year
- Former Multi - Ring to Kernel To UserMode Transitional Shellcode For Remote Kernel Exploits☆28Updated 2 years ago
- C code to enable ETW tracing for Dotnet Assemblies☆30Updated 2 years ago
- Listing UDP connections with remote address without sniffing.☆30Updated last year
- A PoC tool for exploiting leaked process and thread handles☆30Updated 11 months ago
- Repository of Microsoft Driver Block Lists based off of OS-builds☆39Updated 9 months ago
- ☆15Updated 4 years ago
- ☆46Updated 3 years ago
- Process Injection without R/W target memory and without creating a remote thread☆19Updated 2 years ago
- ☆20Updated 3 years ago
- Bypass UAC elevation on Windows 8 (build 9600) & above.☆54Updated 2 years ago
- A simple PE loader.☆25Updated 2 years ago
- really ?☆12Updated 10 months ago
- Process Injection: APC Injection☆29Updated 4 years ago
- Dangling COM Keys Finder☆15Updated 3 years ago
- ☆22Updated last year
- ☆24Updated 3 years ago
- Example for PagedOut!☆24Updated 5 years ago
- Six cases demonstrating methods of optimizing GetProcAddress☆17Updated 3 years ago
- ☆27Updated 6 months ago
- Exploiting ring0 memcpy-like functionality to disable Driver Signing Enforcement (DSE)☆20Updated 4 years ago
- Tiny driver patch to allow kernel callbacks to work on Win10 21h1☆34Updated 2 years ago