User-mode part of Zerokit platform
☆22Mar 30, 2019Updated 6 years ago
Alternatives and similar repositories for possessor
Users that are interested in possessor are comparing it to the libraries listed below
Sorting:
- Analysis and Modification Tool for Executables☆17Mar 28, 2019Updated 6 years ago
- Zerokit shared code☆17Mar 28, 2019Updated 6 years ago
- Windows 10 UAC bypass PoC using LaunchInfSection☆35Aug 3, 2018Updated 7 years ago
- executing JS from x86 code☆27May 9, 2019Updated 6 years ago
- Confirms the capability of Hardware-Accelerated Virtualization Technology.☆10Updated this week
- Zerokit/GAPZ rootkit (non buildable and only for researching)☆185Mar 30, 2019Updated 6 years ago
- HTTP/HTTPS/DNS inspector (windows driver)☆27Feb 20, 2019Updated 7 years ago
- Green shellcode challenge tools☆22Apr 9, 2019Updated 6 years ago
- Provides a way which you can load a .NET dll/exe from disk, modify/inject IL, and then run the assembly all in memory without modifying t…☆29Mar 31, 2017Updated 8 years ago
- A tiny PoC to inject and execute code into explorer.exe with WM_SETTEXT+WM_COPYDATA+SetThreadContext☆53Apr 29, 2018Updated 7 years ago
- Simple library to handle PE files loading, relocating, get/set data, ..., in addition to process handling☆32Aug 7, 2019Updated 6 years ago
- Joker Botnet Source LEAKED☆10Jun 5, 2021Updated 4 years ago
- ☆13Nov 1, 2017Updated 8 years ago
- Escalation of privilege exploit for Dell BIOS flasher (Flash64W) (2017)☆13Dec 7, 2020Updated 5 years ago
- A loadable dll that tracks memory changes, IAT hooks, and dynamically emplaced "JMP" in the x86 host executable.☆12Oct 22, 2023Updated 2 years ago
- map driver to memory☆26Aug 26, 2018Updated 7 years ago
- A new binary injection technique, can easily go through any #CIG protected process and slip through all possible defenses without any inj…☆18Mar 8, 2018Updated 7 years ago
- Windows Hypervisor Platform client☆31Jun 13, 2018Updated 7 years ago
- Remote PE reflective injection with a simple reflective loader☆32Jun 28, 2019Updated 6 years ago
- lz77win sources!lz77 is the compression software for the windows platform.☆24Apr 16, 2019Updated 6 years ago
- a sandbox project by sudami☆17Jul 31, 2018Updated 7 years ago
- KLEESpectre is a symbolic execution engine with speculation semantic and cache modelling☆36Feb 28, 2020Updated 6 years ago
- Kindly Win x86/x64 DLL Injector☆15Aug 17, 2019Updated 6 years ago
- Kernel mode windows NT API logger☆22Sep 9, 2019Updated 6 years ago
- win7 apc注入不支持win10☆18Mar 29, 2019Updated 6 years ago
- Using Undocumented NTDLL Functions to Read/Write/Delete File☆18Jan 25, 2021Updated 5 years ago
- The Windows 10 LPE exploit written by SandboxEscaper☆110Oct 2, 2018Updated 7 years ago
- My articles for Paged Out! #2☆17Nov 20, 2019Updated 6 years ago
- Windows hard shutdown shellcode. Don't need administrator rights.☆14Mar 31, 2016Updated 9 years ago
- Minimal Intervention and Software Transformation - PoC Packer designed for AV detection bypass☆18Nov 4, 2017Updated 8 years ago
- Windows NT port of 'Main is usually a function. So then when is it not?'☆27Mar 11, 2024Updated last year
- ASLR bypass in Chrome version 77☆24Oct 28, 2019Updated 6 years ago
- Windows Application Loader Running *.Exe files in Memory against Scrylla☆21Dec 20, 2019Updated 6 years ago
- Some interesting code☆18Jan 16, 2015Updated 11 years ago
- An example of PE hollowing injection technique☆25Jun 28, 2019Updated 6 years ago
- ☆48Jun 30, 2020Updated 5 years ago
- PsSetCreateProcessNotifyRoutine/Ex/Ex2 hook☆12May 30, 2024Updated last year
- Obtain remote process cookies by performing a brute-force attack on ntdll.RtlDecodePointer using known pointer encodings.☆22May 31, 2017Updated 8 years ago
- You don't need install any wdk for development kernel driver☆24Jul 20, 2018Updated 7 years ago