This is a simple example and explanation of obfuscating API resolution via hashing
☆238May 25, 2020Updated 5 years ago
Alternatives and similar repositories for Windows-API-Hashing
Users that are interested in Windows-API-Hashing are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A more stealthy variant of "DLL hollowing"☆365Mar 8, 2024Updated 2 years ago
- hooking KiUserApcDispatcher☆27Apr 3, 2017Updated 9 years ago
- ☆84Aug 26, 2024Updated last year
- Confirms the capability of Hardware-Accelerated Virtualization Technology.☆10Feb 26, 2026Updated 2 months ago
- An example of PE hollowing injection technique☆25Jun 28, 2019Updated 6 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Custom implementation of DbgHelp's MiniDumpWriteDump function. Uses static syscalls to replace low-level functions like NtReadVirtualMemo…☆127Jan 18, 2022Updated 4 years ago
- API hashing written in C to load APIs indirectly using CRC32 hashing☆15Jul 27, 2020Updated 5 years ago
- A VBA implementation of the RunPE technique or how to bypass application whitelisting.☆813Dec 17, 2019Updated 6 years ago
- Execute an arbitrary command within the context of another process☆20Jun 28, 2019Updated 6 years ago
- RefleXXion is a utility designed to aid in bypassing user-mode hooks utilised by AV/EPP/EDR etc. In order to bypass the user-mode hooks, …☆500Jan 25, 2022Updated 4 years ago
- PoC for detecting and dumping code injection (built and extended on UnRunPE)☆58Oct 23, 2018Updated 7 years ago
- This novel way of using NtQueueApcThreadEx by abusing the ApcRoutine and SystemArgument[0-3] parameters by passing a random pop r32; ret …☆266Apr 29, 2023Updated 3 years ago
- ☆827Dec 28, 2019Updated 6 years ago
- A way to delete a locked file, or current running executable, on disk.☆619Nov 5, 2025Updated 5 months ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- This project demonstares an illegal read- and write- access to the kernel-mode data for both allocated by 3rd party drivers and EPROCESS …☆13Mar 6, 2018Updated 8 years ago
- This is a simple driver with x64 inline assembly☆55Jun 26, 2020Updated 5 years ago
- ☆170Jan 7, 2022Updated 4 years ago
- Universal Unhooking☆326Sep 19, 2018Updated 7 years ago
- Get your data from the resource section manually, with no need for windows apis☆67Oct 22, 2024Updated last year
- Original C Implementation of the Hell's Gate VX Technique☆1,180Jun 28, 2021Updated 4 years ago
- Converts PE into a shellcode☆2,760Aug 30, 2025Updated 8 months ago
- C# Reflective loader for unmanaged binaries.☆448Jan 25, 2023Updated 3 years ago
- Evasive shellcode loader for bypassing event-based injection detection (PoC)☆826Aug 23, 2021Updated 4 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Obfuscate specific windows apis with different apis☆1,021Feb 21, 2021Updated 5 years ago
- PoC to demonstrate how CLR ETW events can be tampered.☆192Mar 26, 2020Updated 6 years ago
- It stinks☆103Apr 22, 2022Updated 4 years ago
- Some source code to demonstrate avoiding certain direct syscall detections by locating and JMPing to a legitimate syscall instruction wit…☆219Feb 20, 2023Updated 3 years ago
- ☆119Aug 7, 2022Updated 3 years ago
- Debugger checks in 3 ways☆19Jan 25, 2018Updated 8 years ago
- Phantom DLL hollowing PoC☆372May 23, 2022Updated 3 years ago
- A library to load, manipulate, dump PE files. See also: https://github.com/hasherezade/libpeconv_tpl☆1,352Apr 18, 2026Updated last week
- Project Ares is a Proof of Concept (PoC) loader written in C/C++ based on the Transacted Hollowing technique☆337Jan 16, 2022Updated 4 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- Remote PE reflective injection with a simple reflective loader☆32Jun 28, 2019Updated 6 years ago
- 💉 DLL/Shellcode injection techniques☆715Mar 26, 2019Updated 7 years ago
- A C port of b33f's UrbanBishop☆38Oct 1, 2020Updated 5 years ago
- A memory scanning evasion technique☆901May 24, 2017Updated 8 years ago
- Load/Inject .NET assemblies by; reusing the host (spawnto) process loaded CLR AppDomainManager, Stomping Loader/.NET assembly PE DOS head…☆597Jul 26, 2021Updated 4 years ago
- Mimikatz built as a static library.☆12Feb 9, 2022Updated 4 years ago
- Shellcode implementation of Reflective DLL Injection. Convert DLLs to position independent shellcode☆2,519Nov 15, 2023Updated 2 years ago