EgeBalci / MapPELinks
PE file mapping and manipulation package.
☆36Updated 3 years ago
Alternatives and similar repositories for MapPE
Users that are interested in MapPE are comparing it to the libraries listed below
Sorting:
- Assembly block for hooking windows API functions.☆92Updated 6 years ago
- A better alternative to RunDLL32☆31Updated 6 years ago
- exploit termdd.sys(support kb4499175)☆59Updated 6 years ago
- GUI Application in C# to run and disassemble shellcode☆35Updated 8 years ago
- Basic multi platform meterpreter loader module.☆15Updated 5 years ago
- A kernel mode Windows rootkit in development.☆49Updated 3 years ago
- ☆92Updated 4 years ago
- Enumerate the DLLs/Modules using NtQueryVirtualMemory☆32Updated 10 years ago
- Assembly block for finding and calling the windows API functions inside import address table(IAT) of the running PE file.☆76Updated 2 years ago
- Weaponizing Gigabyte driver for priv escalation and bypass PPL☆68Updated 6 years ago
- An example of how to spawn a process with a spoofed parent PID (Visual C++)☆28Updated 6 years ago
- This is a project to receive Base64 data and decode it in process☆15Updated 5 years ago
- Execute an arbitrary command within the context of another process☆20Updated 6 years ago
- Some simple process injection techniques targeting the Windows platform☆31Updated 5 years ago
- A quick tool for hiding a new process running shellcode.☆57Updated 5 years ago
- An example of how x64 kernel shellcode can dynamically find and use APIs☆106Updated 5 years ago
- A PoC to demo modifying cmdline of the child process dynamically. It might be useful against process log tracing, AV or EDR.☆40Updated 4 years ago
- Reverse shell without Windows cmd.exe, using ReactOS cmd.dll as shellcode☆22Updated 5 years ago
- A demo implementation of a well-known technique used by some malware to evade userland hooking, using my library: libpeconv.☆19Updated 7 years ago
- Shellcode to load an appended Dll☆90Updated 4 years ago
- CSharp Writeups for HackSys Extreme Vulnerable Driver☆43Updated 3 years ago
- WORK IN PROGRESS. RAT written in C++ using Win32 API☆20Updated 5 years ago
- C++ implementation of DOUBLEPULSAR usermode shellcode. Yet another Reflective DLL loader.☆30Updated 3 years ago
- An example of PE hollowing injection technique☆24Updated 6 years ago
- ☆31Updated 5 years ago
- Small tool to load shellcodes or PEs to analyze them☆81Updated 7 years ago
- Call 32bit NtDLL API directly from WoW64 Layer☆60Updated 4 years ago
- Reverse Windows shell over TLS☆19Updated 9 years ago
- ☆36Updated 6 years ago
- ☆63Updated 2 years ago