This is a simple example and explanation of obfuscating API resolution via hashing
☆237May 25, 2020Updated 5 years ago
Alternatives and similar repositories for Windows-API-Hashing
Users that are interested in Windows-API-Hashing are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A more stealthy variant of "DLL hollowing"☆365Mar 8, 2024Updated 2 years ago
- hooking KiUserApcDispatcher☆27Apr 3, 2017Updated 9 years ago
- ☆84Aug 26, 2024Updated last year
- Confirms the capability of Hardware-Accelerated Virtualization Technology.☆10Feb 26, 2026Updated last month
- An example of PE hollowing injection technique☆26Jun 28, 2019Updated 6 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
- Custom implementation of DbgHelp's MiniDumpWriteDump function. Uses static syscalls to replace low-level functions like NtReadVirtualMemo…☆127Jan 18, 2022Updated 4 years ago
- API hashing written in C to load APIs indirectly using CRC32 hashing☆15Jul 27, 2020Updated 5 years ago
- A VBA implementation of the RunPE technique or how to bypass application whitelisting.☆813Dec 17, 2019Updated 6 years ago
- Execute an arbitrary command within the context of another process☆21Jun 28, 2019Updated 6 years ago
- RefleXXion is a utility designed to aid in bypassing user-mode hooks utilised by AV/EPP/EDR etc. In order to bypass the user-mode hooks, …☆500Jan 25, 2022Updated 4 years ago
- PoC for detecting and dumping code injection (built and extended on UnRunPE)☆58Oct 23, 2018Updated 7 years ago
- This novel way of using NtQueueApcThreadEx by abusing the ApcRoutine and SystemArgument[0-3] parameters by passing a random pop r32; ret …☆263Apr 29, 2023Updated 2 years ago
- ☆828Dec 28, 2019Updated 6 years ago
- A way to delete a locked file, or current running executable, on disk.☆619Nov 5, 2025Updated 5 months ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
- This project demonstares an illegal read- and write- access to the kernel-mode data for both allocated by 3rd party drivers and EPROCESS …☆13Mar 6, 2018Updated 8 years ago
- This is a simple driver with x64 inline assembly☆55Jun 26, 2020Updated 5 years ago
- ☆170Jan 7, 2022Updated 4 years ago
- Universal Unhooking☆326Sep 19, 2018Updated 7 years ago
- Get your data from the resource section manually, with no need for windows apis☆67Oct 22, 2024Updated last year
- Original C Implementation of the Hell's Gate VX Technique☆1,179Jun 28, 2021Updated 4 years ago
- Converts PE into a shellcode☆2,751Aug 30, 2025Updated 7 months ago
- C# Reflective loader for unmanaged binaries.☆445Jan 25, 2023Updated 3 years ago
- Evasive shellcode loader for bypassing event-based injection detection (PoC)☆825Aug 23, 2021Updated 4 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
- Obfuscate specific windows apis with different apis☆1,021Feb 21, 2021Updated 5 years ago
- PoC to demonstrate how CLR ETW events can be tampered.☆192Mar 26, 2020Updated 6 years ago
- It stinks☆103Apr 22, 2022Updated 3 years ago
- Some source code to demonstrate avoiding certain direct syscall detections by locating and JMPing to a legitimate syscall instruction wit…☆219Feb 20, 2023Updated 3 years ago
- ☆119Aug 7, 2022Updated 3 years ago
- Debugger checks in 3 ways☆19Jan 25, 2018Updated 8 years ago
- Phantom DLL hollowing PoC☆372May 23, 2022Updated 3 years ago
- A library to load, manipulate, dump PE files. See also: https://github.com/hasherezade/libpeconv_tpl☆1,345Apr 1, 2026Updated last week
- Project Ares is a Proof of Concept (PoC) loader written in C/C++ based on the Transacted Hollowing technique☆337Jan 16, 2022Updated 4 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
- Remote PE reflective injection with a simple reflective loader☆32Jun 28, 2019Updated 6 years ago
- 💉 DLL/Shellcode injection techniques☆716Mar 26, 2019Updated 7 years ago
- A C port of b33f's UrbanBishop☆38Oct 1, 2020Updated 5 years ago
- A memory scanning evasion technique☆899May 24, 2017Updated 8 years ago
- Load/Inject .NET assemblies by; reusing the host (spawnto) process loaded CLR AppDomainManager, Stomping Loader/.NET assembly PE DOS head…☆595Jul 26, 2021Updated 4 years ago
- An extensible framework for easily writing compiler optimized position independent x86 / x64 shellcode for windows platforms.☆534Jul 2, 2025Updated 9 months ago
- Mimikatz built as a static library.☆12Feb 9, 2022Updated 4 years ago