A wrapper class to hide the original calling address of a function
☆54Aug 9, 2020Updated 5 years ago
Alternatives and similar repositories for Spoofed-Call
Users that are interested in Spoofed-Call are comparing it to the libraries listed below
Sorting:
- Kernel DLL Injector using NX Bit Swapping and VAD hide for hiding injected DLL☆219Nov 12, 2020Updated 5 years ago
- Simple Demo of using Windows Hypervisor Platform☆29Jul 14, 2025Updated 7 months ago
- Old way for blocking NMI interrupts☆29Sep 6, 2022Updated 3 years ago
- PointerGuard is a proof-of-concept tool used to create 'guarded' pointers which disguise pointer addresses, monitor reads/writes, and pre…☆57May 23, 2022Updated 3 years ago
- C/C++ example of InjectMouseInput function☆35Apr 17, 2021Updated 4 years ago
- Discarded Section Manual Map☆70Jun 18, 2020Updated 5 years ago
- pdb's function and global vars to offset☆10Apr 11, 2023Updated 2 years ago
- ☆35Jun 13, 2020Updated 5 years ago
- A simple x86_64 AMD-v hypervisor type-2 Programmed with C++, with soon to be added syscall hooks. [W.I.P]☆104Aug 3, 2023Updated 2 years ago
- Simple handler for bypass battleye in 5 seconds☆11May 23, 2021Updated 4 years ago
- ☆18Dec 4, 2020Updated 5 years ago
- Easy Anti PatchGuard☆223Apr 9, 2021Updated 4 years ago
- A helper class for hardware breakpoints☆11Apr 25, 2020Updated 5 years ago
- Hide codes/data in the kernel address space.☆188May 8, 2021Updated 4 years ago
- Hook NtDeviceIoControlFile with PatchGuard☆107May 10, 2022Updated 3 years ago
- ☆36Mar 19, 2019Updated 6 years ago
- Compileable POC of namazso's x64 return address spoofer.☆50Jun 10, 2020Updated 5 years ago
- codes for my blog post: https://secrary.com/Random/InstrumentationCallback/☆183Nov 30, 2017Updated 8 years ago
- ☆36Jun 20, 2022Updated 3 years ago
- Hooking kernel functions by abusing alignment☆248Jan 5, 2021Updated 5 years ago
- Custom KiSystemStartup, can be used to modificate kernel before boot.☆53Apr 7, 2022Updated 3 years ago
- neat way to detect memory read using nt layer function.☆14Aug 4, 2023Updated 2 years ago
- i stole this from some guys private repo on github☆58Jul 11, 2021Updated 4 years ago
- Invoke functions with a spoofed return address. For 32-bit Windows binaries. Supports __fastcall, __thiscall, __stdcall and __cdecl calli…☆175Feb 17, 2023Updated 3 years ago
- Drawing from kernelmode without any hooks☆174Jul 7, 2022Updated 3 years ago
- Detect removed thread from PspCidTable.☆75Mar 18, 2022Updated 3 years ago
- A minimalistic way to spoof return addresses without using exceptions☆17Jul 26, 2022Updated 3 years ago
- bypass CRC☆12May 3, 2018Updated 7 years ago
- IO隐藏通信封装☆17May 31, 2021Updated 4 years ago
- clearing traces of a loaded driver☆47Jul 2, 2022Updated 3 years ago
- Kernel driver for detecting Intel VT-x hypervisors.☆197Jul 11, 2023Updated 2 years ago
- Walks the Process' VAD list to grab the PTE's corresponding to a usermode virtual address, all to get the physical address☆23Nov 22, 2021Updated 4 years ago
- All Nt Syscall and W32k Syscall in one asm, include, and call it!☆58Nov 4, 2021Updated 4 years ago
- the basic version of the ring0 physical memory read/write tool☆92Aug 18, 2019Updated 6 years ago
- Simulate SendInput with ClassService☆35Sep 5, 2018Updated 7 years ago
- Hygieia, a vulnerable driver traces scanner written in C++ as an x64 Windows kernel driver.☆151Feb 12, 2022Updated 4 years ago
- ☆192Dec 8, 2021Updated 4 years ago
- Hooking the Virtual Method Table using VMT shadow hooking☆27Oct 2, 2020Updated 5 years ago
- The Kernel-Mode Winsock library, supporting TCP, UDP and Unix sockets (DGRAM and STREAM).☆288Jan 27, 2025Updated last year