Fahersto / code_injection
Implementation of several code injection techniques.
☆20Updated 3 years ago
Alternatives and similar repositories for code_injection:
Users that are interested in code_injection are comparing it to the libraries listed below
- ☆26Updated 3 years ago
- IAT-Obfuscation to make static analysis of executable harder.☆42Updated 3 years ago
- A compact tool for detecting AV/EDR hooks in default Windows libraries.☆31Updated 2 years ago
- A kernel mode Windows rootkit in development.☆48Updated 3 years ago
- 32 bit process inject shellcode to 32 bit process and 64 bit process☆30Updated last year
- Demo to show how write ALPC Client & Server using native Ntdll.dll syscalls.☆21Updated 3 years ago
- POC of PPID spoofing using NtCreateUserProcess with syscalls to create a suspended process and performing process injection by overwritti…☆40Updated 3 years ago
- ksc4cpp is a shellcode framework for windows kernel based on C++☆22Updated 2 years ago
- ☆52Updated 2 years ago
- Protected Process (Light) Dump: Uses Zemana AntiMalware Engine To Open a Privileged Handle to a PP/PPL Process And Inject MiniDumpWriteDu…☆21Updated 5 years ago
- 关闭恶意驱动的文件和注册表保护☆12Updated 2 years ago
- A PoC tool for exploiting leaked process and thread handles☆30Updated last year
- Tiny driver patch to allow kernel callbacks to work on Win10 21h1☆34Updated 3 years ago
- C++ implementation of DOUBLEPULSAR usermode shellcode. Yet another Reflective DLL loader.☆29Updated 3 years ago
- Windows RPC example calling stubs generated from MS-LSAT and MS-LSAD☆26Updated last year
- ☆37Updated last year
- ☆60Updated 3 years ago
- Hide Port In Windows☆38Updated 5 months ago
- ☆30Updated last year
- A Study in Obfuscation: Analyzing the effect of various techniques to bypass AV engines☆41Updated 2 years ago
- Detect BypassUAC using AMSI☆22Updated last month
- ☆9Updated last year
- Rookit and anti rookit on Windows platform☆12Updated 11 months ago
- Just another version of the custom stack call from Proxy-Function-Calls-For-ETwTI☆32Updated 2 years ago
- ☆11Updated 3 years ago
- Files for http://deniable.org/windows/windows-callbacks☆25Updated 4 years ago
- 从admin冲到TrustedInstaller☆17Updated 2 years ago
- A reimplementation of Cobalt Strike's Beacon Object File (BOF) Loader☆44Updated last year
- Set the process mitigation policy for loading only Microsoft Modules , and block any userland 3rd party modules☆41Updated last year
- ☆56Updated 2 years ago