CarlosG13 / Process-Hypnosis-Debugger-assisted-control-flow-hijackLinks
☆37Updated last year
Alternatives and similar repositories for Process-Hypnosis-Debugger-assisted-control-flow-hijack
Users that are interested in Process-Hypnosis-Debugger-assisted-control-flow-hijack are comparing it to the libraries listed below
Sorting:
- Next gen process injection technique☆54Updated 5 years ago
- Collection of different rootkit functionality, each driver representing a different rootkit component☆12Updated 3 months ago
- Reimplementation of the KExecDD DSE bypass technique.☆53Updated 11 months ago
- Splitting and executing shellcode across multiple pages☆101Updated 2 years ago
- "Service-less" driver loading☆159Updated 9 months ago
- Malware?☆74Updated 10 months ago
- A bunch of scripts and code i wrote.☆143Updated 9 months ago
- lib-nosa is a minimalist C library designed to facilitate socket connections through AFD driver IOCTL operations on Windows.☆114Updated 11 months ago
- Windows x64 kernel mode rootkit process hollowing POC.☆188Updated 2 years ago
- Indirect Syscall implementation to bypass userland NTAPIs hooking.☆77Updated last year
- Implementation of an export address table protection mitigation, like Export Address Filtering (EAF)☆108Updated 2 years ago
- ☆58Updated 4 months ago
- simple user-mode Rootkit☆105Updated 2 years ago
- Research into removing strings & API call references at compile-time (Anti-Analysis)☆27Updated last year
- Demoting PPL anti-malware services to less than a guest user☆64Updated 7 months ago
- Piece of code to detect and remove hooks in IAT☆64Updated 3 years ago
- ☆42Updated 2 years ago
- shell code example☆62Updated 3 months ago
- a stage1 DLL loader with sleep obfuscation☆37Updated 2 years ago
- Section-based payload obfuscation technique for x64☆64Updated last year
- A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress.☆73Updated last year
- A 64 bit executable junk code engine for polymorphic malware.☆66Updated 2 months ago
- API Hammering with C++20☆49Updated 3 years ago
- Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.☆65Updated last year
- Hooking KPRCB IdlePreselect function to gain execution inside PID 0.☆67Updated 4 months ago
- Dirty PoC on how to abuse S1's VEH for Vectored Syscalls and Local Execution☆43Updated last year
- A Bumblebee-inspired Crypter☆79Updated 2 years ago
- BYOVD Technique Example using viragt64 driver☆49Updated last year
- Safely manage the unloading of DLLs that have been hooked into a process. Context: https://github.com/KNSoft/KNSoft.SlimDetours/discussio…☆79Updated 2 months ago
- Another approach of Threadless injection discovered by @_EthicalChaos_ in c that loads a module into the target process and stomps it, an…☆180Updated 2 years ago