BeneficialCode / KPPLLinks
Kill Protected Process Light Process (include av)
☆58Updated last year
Alternatives and similar repositories for KPPL
Users that are interested in KPPL are comparing it to the libraries listed below
Sorting:
- Windows Kernel Knowledge && Collect Resources on the wire && Nothing innovation by myself &&☆56Updated this week
- https://key08.com/index.php/2021/10/19/1375.html☆68Updated 3 years ago
- ☆31Updated last year
- Windows API Call Obfuscation☆106Updated 2 years ago
- ☆32Updated 4 years ago
- Shellcode implementation of Reflective DLL Injection by Golang. Convert DLLs to position independent shellcode☆60Updated 4 years ago
- shellcode生成框架☆86Updated 11 months ago
- NO WriteProcessMemory CreateRemoteThread APIs call shellcode injection☆28Updated 5 years ago
- power-kill is a project that kill protected processes (such as EDR or AV) by injecting shellcode into high privilege processes☆46Updated 3 years ago
- ☆22Updated 4 years ago
- Convert PE files to a shellcode☆76Updated 5 years ago
- IAT-Obfuscation to make static analysis of executable harder.☆42Updated 3 years ago
- An implementation of an indirect system call☆129Updated last year
- Only for research and learning, not for commercial and illegal use☆11Updated 5 years ago
- POC of PPID spoofing using NtCreateUserProcess with syscalls to create a suspended process and performing process injection by overwritti…☆40Updated 3 years ago
- Beacon compiled using clang☆69Updated 2 years ago
- ksc4cpp is a shellcode framework for windows kernel based on C++☆21Updated 2 years ago
- ☆19Updated 5 years ago
- HTTPS GET RAT and Memory Loader☆25Updated last week
- Call NtCreateUserProcess directly as normal.☆71Updated 3 years ago
- IDA Python script for generating Windows x86 shellcode with one click☆37Updated last year
- It stinks☆102Updated 3 years ago
- Kernel file/process/object tool☆67Updated 3 years ago
- Windows Defender VDM lua collections☆47Updated 2 years ago
- Just another version of the custom stack call from Proxy-Function-Calls-For-ETwTI☆35Updated 2 years ago
- 利用物理内存映射,实现虚拟内存的伪隐藏☆83Updated 2 years ago
- ☆56Updated 2 years ago
- bypass BeaconEye☆88Updated 3 years ago
- 简单安排一下 autochk.sys 这个rootkit☆71Updated 2 years ago
- 编译时混淆字符串,以确保生成的二进制PE不会暴漏明文字符串。(C++ 14 及以上)☆26Updated 3 years ago