EyeOfRa / WinConMon
Windows Console Monitoring
☆99Updated 7 years ago
Alternatives and similar repositories for WinConMon:
Users that are interested in WinConMon are comparing it to the libraries listed below
- A utility to use the usermode shellcode from the DOUBLEPULSAR payload to reflectively load an arbitrary DLL into another process, for use…☆117Updated 7 years ago
- PoC for detecting and dumping code injection (built and extended on UnRunPE)☆56Updated 6 years ago
- CAPE monitor DLLs☆39Updated 5 years ago
- Shellcode emulator written with Unicorn Framework With Process Dump Emulation Environment☆120Updated 4 years ago
- C++☆80Updated 8 years ago
- A slightly stripped down version of RID (an exercise in learning python C-Types...some of it is a little rushed/sloppy) and a stripped do…☆51Updated 12 years ago
- kernel exploitation helper class☆76Updated 8 years ago
- a program to detect reflective dll injection on a live machine☆75Updated 9 years ago
- A process overwriting its own PEB to make an illusion that it has been loaded from a different path.☆94Updated 3 years ago
- A tiny PoC to inject and execute code into explorer.exe with WM_SETTEXT+WM_COPYDATA+SetThreadContext☆50Updated 6 years ago
- DLL Injection Library & Tools☆72Updated 8 years ago
- A simple API monitor for Windbg☆63Updated 7 years ago
- ☆51Updated 8 years ago
- public bugs/proof of concepts☆48Updated 4 years ago
- Adding exceptions to Microsoft's Control Flow Guard (CFG)☆58Updated 8 years ago
- zer0m0n driver for cuckoo sandbox☆87Updated 8 years ago
- Process reimaging proof of concept code☆96Updated 5 years ago
- Load a Windows Kernel Driver☆92Updated 7 years ago
- A tool to exploit .NET DCOM for EoP and RCE. Is fixed in latest versions of the .NET.☆88Updated 10 years ago
- The Minimalistic x86/x64 API Hooking Library for Windows☆32Updated 6 years ago
- Process Doppelgänging☆156Updated 7 years ago
- Reflective Polymorphism☆104Updated 6 years ago
- Windows Drivers☆97Updated 5 years ago
- Bypass antivirus with dynamic import. Hide the api(s) used.☆26Updated 8 years ago
- Implements the POP/MOV SS (CVE-2018-8897) vulnerability by leveraging SYSCALL to perform a local privilege escalation (LPE).☆116Updated 6 years ago
- An attempt at Process Doppelgänging☆184Updated 7 years ago
- ☆113Updated 8 years ago
- ☆45Updated 6 years ago
- Simple library to spray the Windows Kernel Pool☆107Updated 5 years ago
- Windbg extension to find PatchGuard pages☆118Updated 10 years ago