Windows API Call Obfuscation
☆112Dec 9, 2022Updated 3 years ago
Alternatives and similar repositories for APICallProxy
Users that are interested in APICallProxy are comparing it to the libraries listed below
Sorting:
- Hijack NotifyRoutine for a kernelmode thread☆41Jun 4, 2022Updated 3 years ago
- Simple memory obfuscator.☆24Jul 21, 2022Updated 3 years ago
- Read Memory without ReadProcessMemory for Current Process☆92Feb 13, 2022Updated 4 years ago
- Load Encrypted Dll Using LoadLibraryA, Keep The Dll Encrypted on disc all the time and decrypt it only in memory.☆23Sep 5, 2021Updated 4 years ago
- Call NtCreateUserProcess directly as normal.☆77May 17, 2022Updated 3 years ago
- A simple COM server which provides a component to run shellcode☆149May 12, 2020Updated 5 years ago
- A kernel mode Windows rootkit in development.☆49Dec 31, 2021Updated 4 years ago
- Minimal PoC developed as discuss in https://captmeelo.com/redteam/maldev/2022/05/10/ntcreateuserprocess.html☆144May 10, 2022Updated 3 years ago
- IAT-Obfuscation to make static analysis of executable harder.☆44Sep 6, 2021Updated 4 years ago
- A PoC tool for exploiting leaked process and thread handles☆32Feb 13, 2024Updated 2 years ago
- query specific user and login IP from remote machine☆18Nov 19, 2022Updated 3 years ago
- ☆153Jul 31, 2022Updated 3 years ago
- Various Process Injection Techniques☆165Jun 14, 2022Updated 3 years ago
- Open-source EDR kernel-component for system monitoring and DLL injection☆33Nov 14, 2020Updated 5 years ago
- windows kernelmode driver to inject dll into each and every process and perform systemwide function hooking☆53Aug 28, 2022Updated 3 years ago
- Detect-KeAttachProcess by iterating through all processes as well as checking the context of the thread.☆121Feb 8, 2022Updated 4 years ago
- Walks the Process' VAD list to grab the PTE's corresponding to a usermode virtual address, all to get the physical address☆23Nov 22, 2021Updated 4 years ago
- Get your data from the resource section manually, with no need for windows apis☆67Oct 22, 2024Updated last year
- ☆61Jun 26, 2022Updated 3 years ago
- Windows x64 Process Injection via Ghostwriting with Dynamic Configuration☆29Oct 29, 2021Updated 4 years ago
- Analyze patches in a process☆260Jul 28, 2021Updated 4 years ago
- Windows CVE主防(HIPS/HIDS)☆57Apr 29, 2021Updated 4 years ago
- Demo to show how write ALPC Client & Server using native Ntdll.dll syscalls.☆21Jan 25, 2022Updated 4 years ago
- A simple program to obfuscate code written in cpp.☆51May 9, 2024Updated last year
- manual mapping injector☆29Sep 28, 2025Updated 5 months ago
- improving zerosums smbdoor - a silent remote backdoor which abuses undoc. APIs in srvnet.sys☆49Mar 10, 2023Updated 2 years ago
- ☆192Dec 8, 2021Updated 4 years ago
- x86 PE Mutator☆233Dec 24, 2022Updated 3 years ago
- base for testing☆187Sep 28, 2024Updated last year
- different ntdll unhooking techniques : unhooking ntdll from disk, from KnownDlls, from suspended process, from remote server (fileless)☆202Aug 2, 2023Updated 2 years ago
- Win32 API Hook偵測☆10Oct 1, 2017Updated 8 years ago
- ☆14Nov 29, 2021Updated 4 years ago
- Execute a payload at each right click on a file/folder in the explorer menu for persistence☆175Mar 15, 2023Updated 2 years ago
- Windows (ShadowMove) Socket Duplication☆87Apr 19, 2020Updated 5 years ago
- Implementation of several code injection techniques.☆24Mar 12, 2022Updated 3 years ago
- Bypasses for Windows kernel callbacks PatchGuard protection☆44Aug 15, 2021Updated 4 years ago
- Bypass valorant page guard external☆25May 21, 2021Updated 4 years ago
- A crappy hook on SpAcceptLsaModeContext that prints incoming auth attempts. WIP☆37Jul 27, 2021Updated 4 years ago
- Bypassing EasyAntiCheat.sys self-integrity by abusing call hierarchy☆83Oct 6, 2022Updated 3 years ago