CrackerCat / CallObfuscator
Obfuscate specific windows apis with different apis
☆12Updated last month
Related projects: ⓘ
- 从admin冲到TrustedInstaller☆16Updated last year
- Process Hollowing Packer☆25Updated 7 years ago
- A kernel mode Windows rootkit in development.☆49Updated 2 years ago
- ☆12Updated 2 years ago
- PEBFake(修改PEB 伪装当前进程路径、参数等)☆49Updated 3 years ago
- exploit termdd.sys(support kb4499175)☆58Updated 5 years ago
- ☆15Updated this week
- POC For CVE-2022-24483☆14Updated 2 years ago
- 参考taviso的代码逆向一下mpengine.dll☆19Updated 2 years ago
- ☆18Updated 8 years ago
- cve-2019-0808-poc☆47Updated 5 years ago
- May the POC be with you☆48Updated last month
- A tool is used to infected a shellcode to PE file, the shellcode is packed at compile time and unpacked at runtime☆13Updated 4 years ago
- ☆24Updated 5 years ago
- Enumerate the DLLs/Modules using NtQueryVirtualMemory☆33Updated 9 years ago
- ☆35Updated 5 years ago
- ☆20Updated 4 years ago
- Here is python script I wrote for deobfuscation APT32 sample.☆10Updated 3 years ago
- Files for http://deniable.org/windows/windows-callbacks☆24Updated 4 years ago
- IAT-Obfuscation to make static analysis of executable harder.☆41Updated 3 years ago
- POC of PPID spoofing using NtCreateUserProcess with syscalls to create a suspended process and performing process injection by overwritti…☆38Updated 2 years ago
- x86/x64 dll injector☆28Updated 2 years ago
- AppContainerBypass☆21Updated 3 years ago
- ☆39Updated 2 years ago
- ☆36Updated 4 years ago
- A compact tool for detecting AV/EDR hooks in default Windows libraries.☆29Updated 2 years ago
- A quick tool for hiding a new process running shellcode.☆53Updated 4 years ago
- A years-old exploit of a local EoP vulnerability in Kingsoft Antivirus KWatch Driver version 2009.3.17.77.☆35Updated 2 years ago
- Open-source EDR kernel-component for system monitoring and DLL injection☆30Updated 3 years ago
- ☆15Updated this week