Apxaey / Unlinking-Modules-From-The-PEB-Dll-Hiding-
I did a full in depth video explaining this here: https://www.youtube.com/watch?v=u2jFhdrHVg0&t=294s
☆10Updated 3 years ago
Alternatives and similar repositories for Unlinking-Modules-From-The-PEB-Dll-Hiding-:
Users that are interested in Unlinking-Modules-From-The-PEB-Dll-Hiding- are comparing it to the libraries listed below
- A class to gather information about a process, its threads and modules.☆24Updated 4 years ago
- Abusing RtlAdjustPrivilege and NtSetInformationProcess to cause a BSOD from usermode☆17Updated 2 years ago
- ☆14Updated 6 years ago
- Single header library to simplify the usage of direct syscalls. x64/x86☆11Updated last year
- x64 Windows privilege elevation using anycall☆21Updated 3 years ago
- Fake Timestamps of Driver Certificates while keeping validity.☆16Updated 3 years ago
- Register a callback from a Manually mapped kernel module☆15Updated 3 years ago
- Small class to help perform syscalls.☆21Updated last year
- Simple library to handle PE files loading, relocating, get/set data, ..., in addition to process handling☆31Updated 5 years ago
- MazzCrypt - You won't ever get caught. A [was-private] polymorphic source code parser to randomize executables. Inspired by PolyLoader by…☆12Updated 8 years ago
- a driver to enumerate registered pnp callbacks for a particular interface class based on reversal of IoRegisterPlugPlayNotification☆11Updated 11 months ago
- working injector bp (BE EAC & VANGUARD)☆4Updated 3 years ago
- A dll injector static library for Win x64 processes with handle elevation supported☆12Updated 3 years ago
- Injector with kernel power�☆16Updated 4 years ago
- A specially crafted IOCTL can be issued to the rzpnk.sys driver in Razer Synapse 2.20.15.1104 that is forwarded to ZwOpenProcess allowing…☆12Updated 4 years ago
- A C++ syscall ID extractor for Windows. Developed, debugged and tested on 20H2.☆20Updated 3 years ago
- Disable threat tracing from the kernel..☆12Updated 2 years ago
- Simple driver loader for windows☆18Updated 4 years ago
- RET / JMP RBX call spoofer☆9Updated 5 years ago
- ☆17Updated 4 years ago
- Simple IOCTL hooking driver for Kernel- User - Mode communication.☆12Updated 4 years ago
- Written in a couple hours, don't judge :)☆14Updated last year
- ☆18Updated 2 years ago
- Bypassing kernel patch protection runtime☆19Updated 2 years ago
- ☆11Updated 5 years ago
- Walks the Process' VAD list to grab the PTE's corresponding to a usermode virtual address, all to get the physical address☆24Updated 3 years ago
- Microsoft Redistributable Download & Installer☆17Updated 5 years ago
- R3劫持所有异常☆14Updated 4 years ago
- Communicate from ring-0 to ring-3 using NamedPipes.☆10Updated last year