Call NtCreateUserProcess directly as normal.
☆77May 17, 2022Updated 3 years ago
Alternatives and similar repositories for Direct-NtCreateUserProcess
Users that are interested in Direct-NtCreateUserProcess are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- 扫描以及恢复 r3hook 类☆10Aug 29, 2021Updated 4 years ago
- Demo to show how write ALPC Client & Server using native Ntdll.dll syscalls.☆21Jan 25, 2022Updated 4 years ago
- https://key08.com/index.php/2021/10/19/1375.html☆72May 11, 2022Updated 3 years ago
- Hook NtDeviceIoControlFile with PatchGuard☆107May 10, 2022Updated 3 years ago
- ☆48Nov 7, 2018Updated 7 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- A proof of concept of real custom GetProcAddress and GetModuleBaseAddress☆21Jul 9, 2022Updated 3 years ago
- A simple example how to decrypt kernel debugger data block☆32Feb 8, 2021Updated 5 years ago
- ☆13Jan 21, 2019Updated 7 years ago
- A small PoC that creates processes in Windows☆187Jun 6, 2024Updated last year
- Hijack NotifyRoutine for a kernelmode thread☆41Jun 4, 2022Updated 3 years ago
- Kill Protected Process Light Process (include av)☆57Sep 15, 2023Updated 2 years ago
- Hotkey-based keylogger for Windows☆33Oct 17, 2024Updated last year
- Interprocess communication library, providing the ability to call functions from each other☆20Oct 3, 2019Updated 6 years ago
- codes for my blog post: https://secrary.com/Random/InstrumentationCallback/☆183Nov 30, 2017Updated 8 years ago
- Wordpress hosting with auto-scaling on Cloudways • AdFully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
- Enum and Remove Hook in Windows☆52Mar 28, 2026Updated last week
- A crappy hook on SpAcceptLsaModeContext that prints incoming auth attempts. WIP☆37Jul 27, 2021Updated 4 years ago
- Minimal PoC developed as discuss in https://captmeelo.com/redteam/maldev/2022/05/10/ntcreateuserprocess.html☆144May 10, 2022Updated 3 years ago
- Windows API Call Obfuscation☆113Dec 9, 2022Updated 3 years ago
- 大数字驱动逆向代码☆78Nov 4, 2023Updated 2 years ago
- ☆44Oct 7, 2018Updated 7 years ago
- Kernel shellcode injector☆148Mar 23, 2021Updated 5 years ago
- ☆14Mar 8, 2019Updated 7 years ago
- Quick check of NT kernel exported&unexported functions/global variable offset NT内核导出以及未导出函数+全局变量偏移速查☆98Mar 30, 2023Updated 3 years ago
- End-to-end encrypted cloud storage - Proton Drive • AdSpecial offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
- 过去写的一些Windows安全研究相关代码☆135Feb 2, 2019Updated 7 years ago
- HyperDbg's Graphical User Interface (GUI)☆84Updated this week
- Mhy Exp (exploit signed driver)☆141May 17, 2022Updated 3 years ago
- The Kernel-Mode Winsock library, supporting TCP, UDP and Unix sockets (DGRAM and STREAM).☆289Jan 27, 2025Updated last year
- 利用物理内存映射,实现虚拟内存的伪隐藏☆86Sep 15, 2022Updated 3 years ago
- For Example. See Miro's Blog☆30Nov 26, 2022Updated 3 years ago
- InfinityHookPro Win7 -> Win11 latest☆552Feb 7, 2023Updated 3 years ago
- A general solution to simulate execution of virtualized instructions (vmprotect/themida, etc.).☆77Feb 9, 2022Updated 4 years ago
- Windows 7/2008 R2 EoP☆13Feb 12, 2021Updated 5 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
- 从MmPfnData中枚举进程和页目录基址☆210Aug 18, 2023Updated 2 years ago
- x64 Windows kernel code execution via user-mode, arbitrary syscall, vulnerable IOCTLs demonstration☆393Jul 6, 2022Updated 3 years ago
- Single stub direct and indirect syscalling with runtime SSN resolving for windows.☆140Sep 12, 2022Updated 3 years ago
- It stinks☆103Apr 22, 2022Updated 3 years ago
- ☆174Mar 9, 2022Updated 4 years ago
- Code Injection, Inject malicious payload via pagetables pml4.☆243Jul 7, 2021Updated 4 years ago
- �☆12Dec 15, 2016Updated 9 years ago