Simple header only library to change return address on current stack frame.
☆22Sep 4, 2016Updated 9 years ago
Alternatives and similar repositories for ReturnAddressHider
Users that are interested in ReturnAddressHider are comparing it to the libraries listed below
Sorting:
- Easily hook WIN32 x64 functions☆18Feb 19, 2025Updated last year
- ☆19Jul 20, 2015Updated 10 years ago
- windows create process with a dll load first time via LdrHook☆31Oct 21, 2016Updated 9 years ago
- The dll that can hide itself and then delete itselft.☆32Mar 31, 2013Updated 12 years ago
- Library for using direct system calls☆36Jan 30, 2025Updated last year
- Automatically exported from code.google.com/p/windbgshark☆12Nov 3, 2015Updated 10 years ago
- Kernel Hook X64☆26Oct 11, 2020Updated 5 years ago
- fork HoShiMin Avanguard☆20Sep 29, 2018Updated 7 years ago
- Obtain remote process cookies by performing a brute-force attack on ntdll.RtlDecodePointer using known pointer encodings.☆22May 31, 2017Updated 8 years ago
- Notes my learning steps about Windows-NT☆23May 18, 2017Updated 8 years ago
- 管道监视器,类似于spyxx之类的东西,一般用于监视目标进程的系统调用.关键词:detours+piep☆23Feb 26, 2014Updated 12 years ago
- x64 assembler library☆31Jun 7, 2024Updated last year
- usermode standalone kernel interface☆111Jul 9, 2018Updated 7 years ago
- A tool to help malware analysts tell that the sample is injecting code into other process.☆78Aug 12, 2015Updated 10 years ago
- ☆36Oct 29, 2020Updated 5 years ago
- Software Distribution Service☆12Jul 2, 2015Updated 10 years ago
- neat way to detect memory read using nt layer function.☆14Aug 4, 2023Updated 2 years ago
- ☆82Dec 3, 2017Updated 8 years ago
- ☆99Oct 6, 2017Updated 8 years ago
- Kernel mode driver loader, injecting into the windows kernel, Rootkit. Driver injections.☆48Nov 9, 2014Updated 11 years ago
- The kernel mode Standard Template Library Template☆19Feb 22, 2020Updated 6 years ago
- Simple code to manipulate the memory of a usermode process from kernel.☆14Apr 24, 2023Updated 2 years ago
- ☆15Mar 13, 2023Updated 2 years ago
- codes for my blog post: https://secrary.com/Random/InstrumentationCallback/☆183Nov 30, 2017Updated 8 years ago
- Spoof Windows Test Signing Mode☆29Oct 13, 2018Updated 7 years ago
- Windows Kernel Driver with C++ runtime☆181Sep 26, 2020Updated 5 years ago
- All Nt Syscall and W32k Syscall in one asm, include, and call it!☆58Nov 4, 2021Updated 4 years ago
- ☆15Oct 7, 2020Updated 5 years ago
- 一些研究☆14Dec 18, 2019Updated 6 years ago
- Code Injector Using Code Caves☆15Jul 12, 2015Updated 10 years ago
- ☆17Oct 31, 2022Updated 3 years ago
- Anti-virus engine in Windows using VC++ 6.0 and MFC. We applied windows multithreading in virus scan method and user interface. Using MFC…☆16Oct 21, 2016Updated 9 years ago
- 内核级ARK工具。☆62Aug 1, 2016Updated 9 years ago
- network filter driver that control network send speed, based on windows tdi framework.☆31Feb 16, 2024Updated 2 years ago
- Analysing and defeating PatchGuard universally☆36Nov 4, 2020Updated 5 years ago
- The Win32 Anti-Intrusion Library☆213May 30, 2019Updated 6 years ago
- Code injection by hijacking threads in Windows 32-bit applications☆44Oct 3, 2018Updated 7 years ago
- ☆28Nov 20, 2017Updated 8 years ago
- Driver and WinDBG scripts to dump information about all resources and lookaside lists☆66Apr 4, 2020Updated 5 years ago