Abusing exceptions for code execution.
☆113Jan 30, 2023Updated 3 years ago
Alternatives and similar repositories for ExceptionOrientedProgramming
Users that are interested in ExceptionOrientedProgramming are comparing it to the libraries listed below
Sorting:
- ☆90Jun 2, 2024Updated last year
- Dont Call Me Back - Dynamic kernel callback resolver. Scan kernel callbacks in your system in a matter of seconds!☆249Jul 9, 2024Updated last year
- Recursive and arbitrary code execution at kernel-level without a system thread creation☆159Apr 13, 2023Updated 2 years ago
- White-box analytic framework based on LLVM☆39Jun 10, 2019Updated 6 years ago
- rp-bf: A library to bruteforce ROP gadgets by emulating a Windows user-mode crash-dump☆121May 1, 2024Updated last year
- Interceptor is a kernel driver focused on tampering with EDR/AV solutions in kernel space☆136Jan 2, 2023Updated 3 years ago
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard☆268Aug 31, 2022Updated 3 years ago
- HyperDeceit is the ultimate all-in-one library that emulates Hyper-V for Windows, giving you the ability to intercept and manipulate oper…☆376Jun 3, 2023Updated 2 years ago
- ☆13Sep 25, 2023Updated 2 years ago
- LLVM Without The ROP Gadgets!☆25Jan 9, 2024Updated 2 years ago
- PoC: Rebuild A New Path Back to the Heaven's Gate (HITB 2021)☆109May 27, 2021Updated 4 years ago
- Hijack NotifyRoutine for a kernelmode thread☆41Jun 4, 2022Updated 3 years ago
- WTSRM☆216Aug 7, 2022Updated 3 years ago
- Execute a payload at each right click on a file/folder in the explorer menu for persistence☆175Mar 15, 2023Updated 2 years ago
- ☆274Jan 14, 2023Updated 3 years ago
- miscellaneous scripts and programs☆277Jan 23, 2025Updated last year
- x86 PE Mutator☆233Dec 24, 2022Updated 3 years ago
- ☆60Jan 9, 2023Updated 3 years ago
- Hook all callbacks which are registered with LdrRegisterDllNotification☆96Apr 3, 2025Updated 10 months ago
- Shellcode Loader with Indirect Dynamic syscall Implementation , shellcode in MAC format, API resolving from PEB, Syscall calll and syscal…☆322Aug 2, 2023Updated 2 years ago
- A bunch of scripts and code i wrote.☆149Nov 7, 2024Updated last year
- Demonstrate calling a kernel function and handle process creation callback against HVCI☆83Dec 21, 2022Updated 3 years ago
- x86 and x64 assembly "read-eval-print loop" for Windows☆35Aug 13, 2017Updated 8 years ago
- Static Binary Instrumentation tool for Windows x64 executables☆206Sep 29, 2025Updated 4 months ago
- Demo proof of concept for shadow regions, and implementation of HyperDeceit.☆314May 31, 2023Updated 2 years ago
- Finding Truth in the Shadows☆123Jan 26, 2023Updated 3 years ago
- Replace the .txt section of the current loaded modules from \KnownDlls\☆305Sep 28, 2022Updated 3 years ago
- Native code virtualizer for x64 binaries☆516Dec 20, 2024Updated last year
- A more stealthy variant of "DLL hollowing"☆363Mar 8, 2024Updated last year
- ☆17Oct 31, 2022Updated 3 years ago
- rust clr heap encryption (https://github.com/lap1nou/CLR_Heap_encryption), but no heap encryption.☆17Jan 6, 2024Updated 2 years ago
- The code is a pingback to the Dark Vortex blog:☆186Jan 26, 2023Updated 3 years ago
- Post exploitation technique to turn arbitrary kernel write / increment into full read/write primitive on Windows 11 22H2☆250Jul 5, 2022Updated 3 years ago
- A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.ht…☆676Dec 23, 2022Updated 3 years ago
- Windows (ShadowMove) Socket Duplication☆87Apr 19, 2020Updated 5 years ago
- A PoC implementation for an evasion technique to terminate the current thread and restore it before resuming execution, while implementin…☆536Aug 1, 2022Updated 3 years ago
- A library to develop kernel level Windows payloads for post HVCI era☆485May 18, 2021Updated 4 years ago
- Bootkit for Windows Sandbox to disable DSE/PatchGuard.☆317Oct 13, 2024Updated last year
- Reversed WintaPix Malware Source code | That targets countries in the Middle East and abuse KeServiceDescriptorTable(SSDT), persistence a…☆22Jul 6, 2024Updated last year