AlSch092 / ModifyExports
Research of modifying exported function names at runtime (C/C++, Windows)
☆16Updated 3 months ago
Related projects: ⓘ
- ☆26Updated 2 months ago
- Research into removing strings & API call references at compile-time (Anti-Analysis)☆22Updated 3 months ago
- ☆23Updated 4 months ago
- Reimplementation of the KExecDD DSE bypass technique.☆42Updated last week
- Your NTDLL vaccine from modern direct syscall methods.☆35Updated 2 years ago
- ☆12Updated 2 years ago
- yet another sleep encryption thing. also used the default github repo name for this one.☆69Updated last year
- A reimplementation of Cobalt Strike's Beacon Object File (BOF) Loader☆34Updated 9 months ago
- API Hammering with C++20☆34Updated 2 years ago
- ☆13Updated this week
- Get your data from the resource section manually, with no need for windows apis☆52Updated last year
- Set the process mitigation policy for loading only Microsoft Modules , and block any userland 3rd party modules☆41Updated last year
- ☆43Updated this week
- A python polymorphic engine for C programs☆11Updated 9 months ago
- A POC of a new “threadless” process injection technique that works by utilizing the concept of DLL Notification Callbacks in local and re…☆18Updated last year
- a demo module for the kaine agent to execute and inject assembly modules☆33Updated 3 weeks ago
- This program is used to perform reflective DLL Injection to a remote process specified by the user.☆61Updated last year
- Enumerate Callbacks and all Object Types☆13Updated last year
- PoC exploit for HP Hardware Diagnostic's EtdSupp driver☆50Updated last year
- ☆48Updated last year
- In-memory hiding technique☆36Updated 3 months ago
- ☆13Updated this week
- Process Injection: APC Injection☆27Updated 3 years ago
- ☆10Updated 5 months ago
- Bypass UAC elevation on Windows 8 (build 9600) & above.☆53Updated 2 years ago
- ☆24Updated 5 months ago
- ☆24Updated this week
- A repository filled with ideas to break/detect direct syscall techniques☆26Updated 2 years ago
- Former Multi - Ring to Kernel To UserMode Transitional Shellcode For Remote Kernel Exploits☆28Updated 2 years ago
- Manually perform syscalls without going through any external API or DLL.☆16Updated last year