EgeBalci / Hook_API
Assembly block for hooking windows API functions.
☆81Updated 5 years ago
Related projects ⓘ
Alternatives and complementary repositories for Hook_API
- Assembly block for finding and calling the windows API functions inside import address table(IAT) of the running PE file.☆68Updated last year
- Windows PE - TLS (Thread Local Storage) Injector in C/C++☆103Updated 3 years ago
- Convert PE files to a shellcode☆73Updated 4 years ago
- PoC: Rebuild A New Path Back to the Heaven's Gate (HITB 2021)☆101Updated 3 years ago
- An example of how x64 kernel shellcode can dynamically find and use APIs☆103Updated 4 years ago
- ☆67Updated last year
- POC of PPID spoofing using NtCreateUserProcess with syscalls to create a suspended process and performing process injection by overwritti…☆38Updated 3 years ago
- A modified RunPE (process hollowing) technique avoiding the usage of SetThreadContext by appending a TLS section which calls the original…☆92Updated 5 years ago
- Bypass UAC by abusing the Internet Explorer Add-on installer☆50Updated 3 years ago
- Windows API Hashes used in the malwares☆38Updated 9 years ago
- Windows API Call Obfuscation☆86Updated last year
- Inject shellcode to process using Windows NTAPI for bypassing EDRs and Antiviruses☆40Updated 3 years ago
- Example code for EDR bypassing☆146Updated 5 years ago
- Hijack Printconfig.dll to execute shellcode☆97Updated 3 years ago
- APC DLL Injector with NtQueueApcThread and wake up thread support☆44Updated 7 years ago
- ☆49Updated 4 years ago
- inject or convert shellcode to PE☆37Updated 5 years ago
- An command-line RPC method enumerator, born out of RPCView's awesomeness☆98Updated 5 years ago
- A PoC designed to bypass all usermode hooks in a WoW64 environment.☆148Updated 4 years ago
- A simple dumper as FreshyCalls' PoC. That's what's trendy, isn't it? ¯\_(ツ)_/¯☆39Updated 3 years ago
- Bypass UAC at any level by abusing the Task Scheduler and environment variables☆27Updated 3 years ago
- PoC: Exploit 32-bit Thread Snapshot of WOW64 to Take Over $RIP & Inject & Bypass Antivirus HIPS (HITB 2021)☆160Updated 3 years ago
- Kernel file/process/object tool☆64Updated 3 years ago
- NINA: No Injection, No Allocation x64 Process Injection Technique☆195Updated 4 years ago
- Assembly API block that uses CRC32 for resolving Windows API function addresses☆17Updated last year
- Weaponizing Gigabyte driver for priv escalation and bypass PPL☆68Updated 5 years ago
- Bypass UAC by abusing the Security Center CPL and hijacking a shell protocol handler☆26Updated 3 years ago
- Used to create wrappers and proxy libraries for Windows binaries.☆71Updated 12 years ago