MandConsultingGroup / ring3-kit
Hides Process From Task Manager Using NT API Hooking (NtQuerySystemInformation)
☆75Updated 2 years ago
Alternatives and similar repositories for ring3-kit:
Users that are interested in ring3-kit are comparing it to the libraries listed below
- PoC Thread Execution Hijacking for Win32 Code Injection☆175Updated 7 months ago
- A Simple AES Command Line Crypter☆35Updated 2 years ago
- Small attempt at a decent Import Address Table (IAT) Dumper☆14Updated 7 months ago
- Gozi ISFB is a well-known and widely distributed banking trojan, and has been in the threat landscape for the past several years.☆63Updated 7 years ago
- Collection of source code for Polymorphic, Metamorphic, and Permutation Engines used in Malware☆26Updated 5 years ago
- APT, Cyber warfare, Penetration testing, Zero-day,Exploiting,Fuzzing,Privilege-Escalation,browser-security,Spyware,Malwres evade…☆34Updated 6 years ago
- Shellcodev is a tool designed to help and automate the process of shellcode creation.☆106Updated last year
- Overwrite MBR and add own custom message☆16Updated 4 years ago
- A multi-staged malware that contains a kernel mode rootkit and a remote system shell.☆72Updated 3 years ago
- Cryline project - It's a simple test ransomware for Windows OS without stable encryption. Pls use this source code for study purposes on…☆58Updated 5 months ago
- Zero-Day Code Injection and Persistence Technique☆33Updated 8 years ago
- ☆12Updated 4 years ago
- 2022 Updated Kernelmode-Code☆31Updated last year
- ☆16Updated 3 years ago
- POC Ring3 Windows Rootkit (x86 / x64) - Hide processes and files☆56Updated last year
- C++ Multi-Stage Semi-Polymorphic Malware Loader.☆9Updated 3 years ago
- Various tools, PoCs and experiments related to my blog at https://www.forrest-orr.net/☆36Updated 3 years ago
- Simple PE Packer Which Encrypts .text Section☆51Updated 7 years ago
- Alleged source code leak of Osiris banking trojan☆37Updated 4 years ago
- A simple example on how to initiate a direct syscall on WoW64☆11Updated 7 years ago
- user-mode Rootkit☆104Updated 2 years ago
- NT AUTHORITY\SYSTEM☆39Updated 4 years ago
- Malware AV evasion via disable Windows Defender (Registry). C++☆35Updated 2 years ago
- Process Hollowing demonstration & explanation☆35Updated 4 years ago
- Hellokitty Ransomware Source Code☆15Updated last year
- Hiding your process in ProcessHacker,Task Manager,etc by patching NtQuerySystemInformation☆87Updated 3 years ago
- Code that can be used as a reference, library, or inspiration for hacking Windows memory.☆50Updated 4 years ago
- 64bit Windows 10 shellcode that adds user BOKU:SP3C1ALM0V3 to the system and the localgroups Administrators & "Remote Desktop Users"☆38Updated 3 years ago
- Baseline/Test for persistence in common Windows Registry locations☆24Updated 6 years ago
- A ransomware written in C++, achieve the functions of hidden tear.☆8Updated 4 years ago