Simple header only library to change return address on current stack frame.
☆22Sep 4, 2016Updated 9 years ago
Alternatives and similar repositories for ReturnAddressHider
Users that are interested in ReturnAddressHider are comparing it to the libraries listed below
Sorting:
- windows create process with a dll load first time via LdrHook☆31Oct 21, 2016Updated 9 years ago
- Software Distribution Service☆12Jul 2, 2015Updated 10 years ago
- Obtain remote process cookies by performing a brute-force attack on ntdll.RtlDecodePointer using known pointer encodings.☆23May 31, 2017Updated 8 years ago
- Library for using direct system calls☆35Jan 30, 2025Updated last year
- ☆19Jul 20, 2015Updated 10 years ago
- Code injection by hijacking threads in Windows 32-bit applications☆44Oct 3, 2018Updated 7 years ago
- Code Injector Using Code Caves☆15Jul 12, 2015Updated 10 years ago
- Minimal Intervention and Software Transformation - PoC Packer designed for AV detection bypass☆18Nov 4, 2017Updated 8 years ago
- Automatically exported from code.google.com/p/windbgshark☆12Nov 3, 2015Updated 10 years ago
- Easily hook WIN32 x64 functions☆18Feb 19, 2025Updated last year
- ☆82Dec 3, 2017Updated 8 years ago
- The dll that can hide itself and then delete itselft.☆32Mar 31, 2013Updated 12 years ago
- Notes my learning steps about Windows-NT☆23May 18, 2017Updated 8 years ago
- Program to leak anti-virus behaviour and such☆14Apr 18, 2019Updated 6 years ago
- ☆12Nov 17, 2014Updated 11 years ago
- Kernel Hook X64☆26Oct 11, 2020Updated 5 years ago
- All Nt Syscall and W32k Syscall in one asm, include, and call it!☆58Nov 4, 2021Updated 4 years ago
- ☆99Oct 6, 2017Updated 8 years ago
- Branch based windows debugger☆22Jul 30, 2019Updated 6 years ago
- ☆15Oct 7, 2020Updated 5 years ago
- ☆36Oct 29, 2020Updated 5 years ago
- A tool to help malware analysts tell that the sample is injecting code into other process.☆78Aug 12, 2015Updated 10 years ago
- usermode standalone kernel interface☆111Jul 9, 2018Updated 7 years ago
- Wow64 syscall hook☆43May 28, 2017Updated 8 years ago
- PoC for Bypassing UM Hooks By Bruteforcing Intel Syscalls☆39Nov 20, 2015Updated 10 years ago
- PoC for hiding PE exports☆67Dec 19, 2020Updated 5 years ago
- fork HoShiMin Avanguard☆20Sep 29, 2018Updated 7 years ago
- 🧶 The Win32 usermode threading library with UMS/fibers/threads support☆30Jul 1, 2019Updated 6 years ago
- 内核级ARK工具。☆62Aug 1, 2016Updated 9 years ago
- x64 assembler library☆31Jun 7, 2024Updated last year
- 管道监视器,类似于spyxx之类的东西,一般用于监视目标进程的系统调用.关键词:detours+piep☆23Feb 26, 2014Updated 12 years ago
- Anti-virus engine in Windows using VC++ 6.0 and MFC. We applied windows multithreading in virus scan method and user interface. Using MFC…☆16Oct 21, 2016Updated 9 years ago
- Modify process handle permissions☆61Nov 30, 2016Updated 9 years ago
- codes for my blog post: https://secrary.com/Random/InstrumentationCallback/☆182Nov 30, 2017Updated 8 years ago
- Prototype of hijacking Windows driver dispatch routines in unmapped discardable sections☆55Mar 30, 2019Updated 6 years ago
- Kernel mode driver loader, injecting into the windows kernel, Rootkit. Driver injections.☆47Nov 9, 2014Updated 11 years ago
- Analysing and defeating PatchGuard universally☆36Nov 4, 2020Updated 5 years ago
- Simple driver loader for windows☆18May 22, 2020Updated 5 years ago
- library, which help to describe or load and execute PE files.☆55Jun 23, 2013Updated 12 years ago