Hooking KPRCB IdlePreselect function to gain execution inside PID 0.
☆81 · Apr 13, 2025 · Updated last year
Alternatives and similar repositories for PowerHook
Users that are interested in PowerHook are comparing it to the libraries listed below.
- BOF to decrypt Signal Desktop chat logs ☆70 · Feb 20, 2025 · Updated last year
- Playing around with Thread Context Hijacking. Building more evasive primitives to use as alternative for existing process injection techn… ☆205 · Jun 17, 2025 · Updated last year
- A lexer and parser for Sleep ☆20 · Feb 20, 2026 · Updated 4 months ago
- Virtual Trust Level (VTL 1) secure call tracing ☆103 · Feb 12, 2026 · Updated 4 months ago
- Beacon Object File (BOF) to obtain Entra tokens via authcode flow. ☆136 · Jan 17, 2026 · Updated 5 months ago
- ☆56 · Mar 26, 2025 · Updated last year
- Dump protected process memory by using BYOVD to tamper with handle objects in the kernel. ☆42 · Aug 5, 2025 · Updated 10 months ago
- Safely manage the unloading of DLLs that have been hooked into a process. Context: https://github.com/KNSoft/KNSoft.SlimDetours/discussio… ☆83 · Jun 21, 2025 · Updated last year
- ☆37 · Nov 8, 2024 · Updated last year
- Blog/Journal on how to backdoor VSCode extensions ☆81 · Feb 24, 2026 · Updated 4 months ago
- Mentally ill EtwTi parser ☆74 · Jan 11, 2026 · Updated 5 months ago
- ☆31 · Feb 28, 2025 · Updated last year
- shell code example ☆69 · Dec 12, 2025 · Updated 6 months ago
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan… ☆285 · Sep 18, 2024 · Updated last year
- Finding Truth in the Shadows ☆129 · Jan 26, 2023 · Updated 3 years ago
- Harness to issue Virtual Secure Mode (VSM) "secure calls" from VTL 0 to VTL 1 ☆81 · Sep 8, 2025 · Updated 9 months ago
- Dll injection through code page id modification in registry. Based on jonas lykk research ☆16 · Jun 18, 2022 · Updated 4 years ago
- A basic implementation of Patch Guard that I implemented, that includes integrity checks and other protection mechanisms I added. ☆78 · Mar 29, 2025 · Updated last year
- Vectored Exception Handling Squared ☆30 · Dec 27, 2025 · Updated 6 months ago
- Create stealthy, inline, EPT-like hooks using SMAP and SMEP ☆64 · Oct 19, 2024 · Updated last year
- A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing. ☆57 · Apr 14, 2025 · Updated last year
- An example reference design for a proposed BOF PE ☆231 · Jan 23, 2026 · Updated 5 months ago
- Implementing an early exception handler for hooking and threadless process injection without relying on VEH or SEH ☆138 · Aug 31, 2025 · Updated 10 months ago
- Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader. ☆288 · Apr 6, 2025 · Updated last year
- ForsHops ☆154 · Mar 25, 2025 · Updated last year
- Exploiting the KsecDD Windows driver through Server Silos ☆88 · Nov 11, 2024 · Updated last year
- Admin to Kernel code execution using the KSecDD driver ☆270 · Apr 19, 2024 · Updated 2 years ago
- BYOVD: Use 360 WFP driver to block EDR/XDR network connection. ☆126 · Feb 10, 2026 · Updated 4 months ago
- ntoskrnl .data hooks for UM-KM communication ☆52 · May 26, 2024 · Updated 2 years ago
- Rewrite and obfuscate code in compiled binaries ☆274 · Dec 13, 2025 · Updated 6 months ago
- Webcam capture capability for Cobalt Strike as a BOF, with in-memory download options ☆162 · Mar 26, 2025 · Updated last year
- Uses Threat-Intelligence ETW events to identify shellcode regions being hidden by fluctuating memory protections ☆179 · May 17, 2023 · Updated 3 years ago
- Windows rootkit designed to work with BYOVD exploits ☆223 · Jan 18, 2025 · Updated last year
- ☆59 · Jun 10, 2026 · Updated 3 weeks ago
- Cortex EDR Ransomware protection Bypass ☆27 · Feb 8, 2025 · Updated last year
- A collection of Proof-of-Concept implementations of various anti-disassembly techniques for ARM32 and ARM64 architectures. ☆79 · Apr 18, 2025 · Updated last year
- MIPS VM to execute payloads without allocating executable memory. Based on a PlayStation 1 (PSX) Emulator. ☆127 · Dec 6, 2024 · Updated last year
- havoc kaine plugin to mitigate PAGE_GUARD protected image headers using JOP gadgets ☆43 · Aug 6, 2024 · Updated last year
- TypeLib persistence technique ☆147 · Oct 22, 2024 · Updated last year