Abusing exceptions for code execution.
☆113Jan 30, 2023Updated 3 years ago
Alternatives and similar repositories for ExceptionOrientedProgramming
Users that are interested in ExceptionOrientedProgramming are comparing it to the libraries listed below
Sorting:
- ☆90Jun 2, 2024Updated last year
- Dont Call Me Back - Dynamic kernel callback resolver. Scan kernel callbacks in your system in a matter of seconds!☆251Jul 9, 2024Updated last year
- Recursive and arbitrary code execution at kernel-level without a system thread creation☆159Apr 13, 2023Updated 2 years ago
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard☆271Aug 31, 2022Updated 3 years ago
- ☆13Sep 25, 2023Updated 2 years ago
- Hijack NotifyRoutine for a kernelmode thread☆41Jun 4, 2022Updated 3 years ago
- Interceptor is a kernel driver focused on tampering with EDR/AV solutions in kernel space☆136Jan 2, 2023Updated 3 years ago
- rp-bf: A library to bruteforce ROP gadgets by emulating a Windows user-mode crash-dump☆121May 1, 2024Updated last year
- HyperDeceit is the ultimate all-in-one library that emulates Hyper-V for Windows, giving you the ability to intercept and manipulate oper…☆380Jun 3, 2023Updated 2 years ago
- White-box analytic framework based on LLVM☆39Jun 10, 2019Updated 6 years ago
- Self-hosting binary instrumentation framework for security research☆12Apr 10, 2023Updated 2 years ago
- Hook all callbacks which are registered with LdrRegisterDllNotification☆97Apr 3, 2025Updated 11 months ago
- ☆61Jan 9, 2023Updated 3 years ago
- Shellcode Loader with Indirect Dynamic syscall Implementation , shellcode in MAC format, API resolving from PEB, Syscall calll and syscal…☆322Aug 2, 2023Updated 2 years ago
- Execute a payload at each right click on a file/folder in the explorer menu for persistence☆175Mar 15, 2023Updated 3 years ago
- Stripped-down release of Tiny CC for minimalist coding on 64-bit Windows.☆43Jan 31, 2026Updated last month
- PoC: Rebuild A New Path Back to the Heaven's Gate (HITB 2021)☆109May 27, 2021Updated 4 years ago
- Reversed WintaPix Malware Source code | That targets countries in the Middle East and abuse KeServiceDescriptorTable(SSDT), persistence a…☆22Jul 6, 2024Updated last year
- LLVM Without The ROP Gadgets!☆25Jan 9, 2024Updated 2 years ago
- The code is a pingback to the Dark Vortex blog:☆186Jan 26, 2023Updated 3 years ago
- miscellaneous scripts and programs☆277Jan 23, 2025Updated last year
- WTSRM☆216Aug 7, 2022Updated 3 years ago
- Finding Truth in the Shadows��☆124Jan 26, 2023Updated 3 years ago
- Implementation of Advanced Module Stomping and Heap/Stack Encryption☆225Jul 25, 2023Updated 2 years ago
- A more stealthy variant of "DLL hollowing"☆363Mar 8, 2024Updated 2 years ago
- ☆275Jan 14, 2023Updated 3 years ago
- Infect Shared Files In Memory for Lateral Movement☆193Dec 14, 2022Updated 3 years ago
- Code Injection, Inject malicious payload via pagetables pml4.☆243Jul 7, 2021Updated 4 years ago
- rust clr heap encryption (https://github.com/lap1nou/CLR_Heap_encryption), but no heap encryption.☆17Jan 6, 2024Updated 2 years ago
- Simple anti-instrumentation with EFLAGS.AC☆17Mar 31, 2025Updated 11 months ago
- Bootkit for Windows Sandbox to disable DSE/PatchGuard.☆321Oct 13, 2024Updated last year
- Demonstrate calling a kernel function and handle process creation callback against HVCI☆84Dec 21, 2022Updated 3 years ago
- Post exploitation technique to turn arbitrary kernel write / increment into full read/write primitive on Windows 11 22H2☆250Jul 5, 2022Updated 3 years ago
- x86 PE Mutator☆233Dec 24, 2022Updated 3 years ago
- Replace the .txt section of the current loaded modules from \KnownDlls\☆305Sep 28, 2022Updated 3 years ago
- A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.ht…☆675Dec 23, 2022Updated 3 years ago
- Static Binary Instrumentation tool for Windows x64 executables☆206Sep 29, 2025Updated 5 months ago
- A simple ptrace-less shared library injector for x64 Linux☆283Jan 27, 2023Updated 3 years ago
- Demo proof of concept for shadow regions, and implementation of HyperDeceit.☆317May 31, 2023Updated 2 years ago