C485 / ReturnAddressHider
Simple header only library to change return address on current stack frame.
☆23Updated 8 years ago
Alternatives and similar repositories for ReturnAddressHider:
Users that are interested in ReturnAddressHider are comparing it to the libraries listed below
- Polymorphic Stub Creator☆30Updated 7 years ago
- Library for using direct system calls☆35Updated 4 years ago
- ☆16Updated 4 years ago
- Translates WinDbg "dt" structure dump to a C structure☆13Updated 4 years ago
- Shareds for kernel developement☆27Updated 11 years ago
- Demo List cm/ps/ob/minifilter callback And Patch/Bypass it☆28Updated 7 years ago
- Some crazy PE executables protection kernel driver☆18Updated 4 years ago
- win32/x64 obfuscate framework☆32Updated 5 years ago
- PoC of BOOST-ed _EPROCESS.VadRoot iterating☆25Updated 10 years ago
- Analysing and defeating PatchGuard universally☆34Updated 4 years ago
- Simple library to handle PE files loading, relocating, get/set data, ..., in addition to process handling☆31Updated 5 years ago
- x64 Kernel Hooks Detection☆24Updated 8 years ago
- ☆10Updated 7 years ago
- Protected Process Light Library☆18Updated 4 years ago
- Example of hijacking system calls via function pointer tables☆32Updated 3 years ago
- Kinject - kernel dll injector, currently available in x86 version, will be updated to x64 soon.☆32Updated 9 years ago
- using gpuz to load driver☆31Updated 5 years ago
- viewing page boundaries of pages with PAGE_NOACCESS protection reveals the presence of x64dbg.☆23Updated 8 years ago
- Wow64 syscall hook☆40Updated 7 years ago
- fork HoShiMin Avanguard☆19Updated 6 years ago
- A POC for Windows Extension Host hooking☆22Updated 5 years ago
- Driver Loader/BE Bypass/Win Malware(lol)☆34Updated 5 years ago
- ☆24Updated 5 years ago
- ☆26Updated 7 years ago
- NT reversal☆26Updated 6 years ago
- Software Distribution Service☆12Updated 9 years ago