AlexRuzin / HeliosLinks
A Proof-of-Concept win32 DLL that makes use of netbios session token replay to propagate through a Windows Domain
☆26Updated 7 years ago
Alternatives and similar repositories for Helios
Users that are interested in Helios are comparing it to the libraries listed below
Sorting:
- A MITM proxy server for reflective DLL injection through WinINet☆15Updated 7 years ago
- A POC for Windows Extension Host hooking☆22Updated 5 years ago
- Enumerate the DLLs/Modules using NtQueryVirtualMemory☆32Updated 9 years ago
- A working version of this tutorial: https://docs.microsoft.com/en-us/windows/desktop/rpc/tutorial☆16Updated 5 years ago
- Data and structures regarding the research done on WdFilter☆12Updated 5 years ago
- Kernel (Ring0) - SSDT unhook driver☆14Updated 7 years ago
- x86/x64 dll injector☆30Updated 3 years ago
- Reflective DLL Injection style process infector☆20Updated 6 years ago
- Reverse Windows shell over TLS☆19Updated 9 years ago
- A kernel mode Windows rootkit in development.☆48Updated 3 years ago
- Windows 10 UAC bypass PoC using LaunchInfSection☆34Updated 6 years ago
- automates exploits using ROP chains, using ntdll-scraper☆16Updated 3 years ago
- The project was upgraded from https://coder.pub/ and supported VS2017. The original author wrote the detailed design ideas documentation…☆19Updated 7 years ago
- ☆16Updated 5 years ago
- ☆22Updated 4 years ago
- User-mode process cross-checking utility intended to detect naive malware hiding itself by hooking IAT/EAT.☆19Updated 9 years ago
- ☆31Updated 4 years ago
- exploit termdd.sys(support kb4499175)☆59Updated 5 years ago
- Exploiting HEVD's WriteWhatWhereIoctlDispatch for LPE on Windows 10 TH2 through RS3 using GDI objects.☆24Updated 7 years ago
- vmware-backdoor☆33Updated 3 years ago
- Minimal Intervention and Software Transformation - PoC Packer designed for AV detection bypass☆18Updated 7 years ago
- A demo implementation of a well-known technique used by some malware to evade userland hooking, using my library: libpeconv.☆19Updated 7 years ago
- Open-source EDR kernel-component for system monitoring and DLL injection☆31Updated 4 years ago
- ☆19Updated 5 years ago
- ☆19Updated 9 years ago
- Simple remote administration tool. Written in c++ and MASM.☆18Updated 7 years ago
- windows inlinehook R3 R0☆11Updated 7 years ago
- Windows Application Loader Running *.Exe files in Memory against Scrylla☆21Updated 5 years ago
- ☆15Updated 4 years ago
- An example of PE hollowing injection technique☆23Updated 5 years ago