This is a simple example and explanation of obfuscating API resolution via hashing
☆239May 25, 2020Updated 6 years ago
Alternatives and similar repositories for Windows-API-Hashing
Users that are interested in Windows-API-Hashing are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A more stealthy variant of "DLL hollowing"☆366Mar 8, 2024Updated 2 years ago
- hooking KiUserApcDispatcher☆27Apr 3, 2017Updated 9 years ago
- ☆84Aug 26, 2024Updated last year
- Confirms the capability of Hardware-Accelerated Virtualization Technology.☆10Feb 26, 2026Updated 3 months ago
- An example of PE hollowing injection technique☆26Jun 28, 2019Updated 6 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Custom implementation of DbgHelp's MiniDumpWriteDump function. Uses static syscalls to replace low-level functions like NtReadVirtualMemo…☆127Jan 18, 2022Updated 4 years ago
- API hashing written in C to load APIs indirectly using CRC32 hashing☆15Jul 27, 2020Updated 5 years ago
- A VBA implementation of the RunPE technique or how to bypass application whitelisting.☆813Dec 17, 2019Updated 6 years ago
- Execute an arbitrary command within the context of another process☆20Jun 28, 2019Updated 6 years ago
- RefleXXion is a utility designed to aid in bypassing user-mode hooks utilised by AV/EPP/EDR etc. In order to bypass the user-mode hooks, …☆500Jan 25, 2022Updated 4 years ago
- PoC for detecting and dumping code injection (built and extended on UnRunPE)☆58Oct 23, 2018Updated 7 years ago
- This novel way of using NtQueueApcThreadEx by abusing the ApcRoutine and SystemArgument[0-3] parameters by passing a random pop r32; ret …☆267Apr 29, 2023Updated 3 years ago
- ☆828Dec 28, 2019Updated 6 years ago
- A way to delete a locked file, or current running executable, on disk.☆620Nov 5, 2025Updated 7 months ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- This is a simple driver with x64 inline assembly☆55Jun 26, 2020Updated 5 years ago
- This project demonstares an illegal read- and write- access to the kernel-mode data for both allocated by 3rd party drivers and EPROCESS …☆13Mar 6, 2018Updated 8 years ago
- ☆170Jan 7, 2022Updated 4 years ago
- Universal Unhooking☆326Sep 19, 2018Updated 7 years ago
- Get your data from the resource section manually, with no need for windows apis☆67Oct 22, 2024Updated last year
- Original C Implementation of the Hell's Gate VX Technique☆1,190Jun 28, 2021Updated 4 years ago
- Converts PE into a shellcode☆2,770Aug 30, 2025Updated 9 months ago
- C# Reflective loader for unmanaged binaries.☆446Jan 25, 2023Updated 3 years ago
- Evasive shellcode loader for bypassing event-based injection detection (PoC)☆829Aug 23, 2021Updated 4 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Obfuscate specific windows apis with different apis☆1,020Feb 21, 2021Updated 5 years ago
- PoC to demonstrate how CLR ETW events can be tampered.☆193Mar 26, 2020Updated 6 years ago
- It stinks☆102Apr 22, 2022Updated 4 years ago
- Some source code to demonstrate avoiding certain direct syscall detections by locating and JMPing to a legitimate syscall instruction wit…☆218Feb 20, 2023Updated 3 years ago
- ☆118Aug 7, 2022Updated 3 years ago
- Debugger checks in 3 ways☆19Jan 25, 2018Updated 8 years ago
- Phantom DLL hollowing PoC☆371May 23, 2022Updated 4 years ago
- A library to load, manipulate, dump PE files. See also: https://github.com/hasherezade/libpeconv_tpl☆1,360Apr 18, 2026Updated last month
- Project Ares is a Proof of Concept (PoC) loader written in C/C++ based on the Transacted Hollowing technique☆336Jan 16, 2022Updated 4 years ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- Remote PE reflective injection with a simple reflective loader☆33Jun 28, 2019Updated 6 years ago
- 💉 DLL/Shellcode injection techniques☆713Mar 26, 2019Updated 7 years ago
- A C port of b33f's UrbanBishop☆38Oct 1, 2020Updated 5 years ago
- Historical Windows temporal memory-state research artifact for studying time-bound memory observations, validation limits, and defensive …☆906May 15, 2026Updated 3 weeks ago
- Load/Inject .NET assemblies by; reusing the host (spawnto) process loaded CLR AppDomainManager, Stomping Loader/.NET assembly PE DOS head…☆599Jul 26, 2021Updated 4 years ago
- Mimikatz built as a static library.☆12Feb 9, 2022Updated 4 years ago
- Shellcode implementation of Reflective DLL Injection. Convert DLLs to position independent shellcode☆2,528Nov 15, 2023Updated 2 years ago