Maff1t / InjectNtdllPOC
Process Injection without R/W target memory and without creating a remote thread
☆18Updated 3 years ago
Alternatives and similar repositories for InjectNtdllPOC:
Users that are interested in InjectNtdllPOC are comparing it to the libraries listed below
- Clone running process with ZwCreateProcess☆57Updated 4 years ago
- ☆29Updated 3 years ago
- ☆18Updated 4 years ago
- Extract data of TTD trace file to a minidump☆28Updated last year
- Example for PagedOut!☆24Updated 5 years ago
- Windows API Hashes used in the malwares☆40Updated 9 years ago
- A few examples of how to trap virtual memory access on Windows.☆29Updated 4 months ago
- ☆25Updated 5 months ago
- A Practical example of ELAM (Early Launch Anti-Malware)☆32Updated 3 years ago
- A class to emulate the behavior of NtQuerySystemInformation when passed the SystemHypervisorDetailInformation information class☆26Updated last year
- Enabled / Disable LSA Protection via BYOVD☆66Updated 3 years ago
- This x64dbg plugin allows you to upload your sample to Malcore and view the results.☆33Updated last year
- Tiny driver patch to allow kernel callbacks to work on Win10 21h1☆34Updated 3 years ago
- Windows kernel PDB data parsed into YAML☆36Updated 5 months ago
- ☆29Updated last year
- arbitrary kernel read/write in dbutil_2_3.sys, Proof of Concept Local Privilege Escalation to nt authority/system☆56Updated 3 years ago
- ☆23Updated last year
- ☆108Updated 2 years ago
- ☆25Updated 2 years ago
- ☆59Updated 2 years ago
- Command like tool to print mitigation flags for running processes in a memory dump☆46Updated 4 years ago
- Designed to learn OS specific anti-emulation patterns by fuzzing the Windows API.☆98Updated 4 years ago
- WinXPSP2.Cermalus on stereoids, supporting all 32 bits Windows version. Windows Kernel Virus stuff for noobs☆18Updated last year
- NT AUTHORITY\SYSTEM☆39Updated 4 years ago
- A kernel exploit leveraging NtUserHardErrorControl to elevate a thread to KernelMode and achieve arbitrary kernel R/W & more.☆27Updated 2 years ago
- Manually perform syscalls without going through any external API or DLL.☆18Updated 2 years ago
- ☆31Updated 4 years ago
- Helper Script to convert a Windbg dumped structure (using the 'dt' command) into a C structure. It creates dummy structs for you if neede…☆26Updated last year
- ☆38Updated last year
- Check if your AV/EDR does inline hooking, displays the hooked functions and allows you to compare them with the original ones.☆27Updated this week