AlexRuzin / HeliosLinks
A Proof-of-Concept win32 DLL that makes use of netbios session token replay to propagate through a Windows Domain
☆25Updated 7 years ago
Alternatives and similar repositories for Helios
Users that are interested in Helios are comparing it to the libraries listed below
Sorting:
- Data and structures regarding the research done on WdFilter☆12Updated 5 years ago
- A MITM proxy server for reflective DLL injection through WinINet☆15Updated 7 years ago
- Simple PE packer with RtlCompressBuffer☆21Updated 9 years ago
- A working version of this tutorial: https://docs.microsoft.com/en-us/windows/desktop/rpc/tutorial☆16Updated 6 years ago
- A POC for Windows Extension Host hooking☆22Updated 5 years ago
- The project was upgraded from https://coder.pub/ and supported VS2017. The original author wrote the detailed design ideas documentation…☆19Updated 7 years ago
- Windows 10 UAC bypass PoC using LaunchInfSection☆34Updated 6 years ago
- Enumerate the DLLs/Modules using NtQueryVirtualMemory☆32Updated 10 years ago
- User-mode process cross-checking utility intended to detect naive malware hiding itself by hooking IAT/EAT.☆19Updated 9 years ago
- Kernel (Ring0) - SSDT unhook driver☆14Updated 7 years ago
- Bypass for the hardening against usage of tagWnd as a kernel read/write primitive☆29Updated 8 years ago
- Reflective DLL Injection style process infector☆20Updated 6 years ago
- Kernel-mode file scanner☆18Updated 6 years ago
- Exploiting HEVD's WriteWhatWhereIoctlDispatch for LPE on Windows 10 TH2 through RS3 using GDI objects.☆24Updated 7 years ago
- exploit termdd.sys(support kb4499175)☆59Updated 5 years ago
- Simple library to handle PE files loading, relocating, get/set data, ..., in addition to process handling☆33Updated 5 years ago
- ☆33Updated 3 years ago
- Open-source EDR kernel-component for system monitoring and DLL injection☆31Updated 4 years ago
- PoC for detecting and dumping process hollowing code injection☆51Updated 6 years ago
- A demo implementation of a well-known technique used by some malware to evade userland hooking, using my library: libpeconv.☆19Updated 7 years ago
- ☆19Updated 9 years ago
- Reverse Windows shell over TLS☆19Updated 9 years ago
- Legal access: The driver and console app to demonstrate the basic memory access in kernel mode☆9Updated 7 years ago
- User-mode part of Zerokit platform☆20Updated 6 years ago
- Open Source Libraries Collection☆24Updated 9 years ago
- ☆19Updated 6 years ago
- An example of PE hollowing injection technique☆23Updated 5 years ago
- vmware-backdoor☆33Updated 3 years ago
- hooking KiUserApcDispatcher☆24Updated 8 years ago
- Library for using direct system calls☆35Updated 4 months ago