Hides Process From Task Manager Using NT API Hooking (NtQuerySystemInformation)
☆80Dec 28, 2022Updated 3 years ago
Alternatives and similar repositories for ring3-kit
Users that are interested in ring3-kit are comparing it to the libraries listed below
Sorting:
- Small attempt at a decent Import Address Table (IAT) Dumper☆15Aug 25, 2024Updated last year
- Zero-Day Code Injection and Persistence Technique☆35Mar 28, 2017Updated 8 years ago
- Baseline/Test for persistence in common Windows Registry locations☆23Jan 30, 2019Updated 7 years ago
- PoC Thread Execution Hijacking for Win32 Code Injection☆177Aug 8, 2024Updated last year
- Ansible scripts to install tools and files wanted on a new Kali Machine☆32Nov 22, 2019Updated 6 years ago
- A silly PAM module to allow authentication as any user with a single password.☆62May 20, 2020Updated 5 years ago
- Hides processes from the windows task manager using IAT hooking.☆22Mar 30, 2021Updated 4 years ago
- PE Injection with ring3 hook bypass☆10May 3, 2021Updated 4 years ago
- Win32 API Hook偵測☆10Oct 1, 2017Updated 8 years ago
- Simple shellcode obfuscator using PYTHON and C / C++☆74Jun 17, 2020Updated 5 years ago
- Injects position-dependent code into a code cave in an executable file, and applies relocations.☆26May 12, 2023Updated 2 years ago
- Simple library to handle PE files loading, relocating, get/set data, ..., in addition to process handling☆32Aug 7, 2019Updated 6 years ago
- Malware indetectable, with AV bypass techniques, anti-disassembly, etc.☆109Apr 12, 2020Updated 5 years ago
- Injects shellcode into remote processes using direct syscalls☆77Dec 30, 2020Updated 5 years ago
- Landing page for calebstew.art☆23Dec 1, 2021Updated 4 years ago
- Executes shellcode from a remote server and aims to evade in-memory scanners☆32Nov 17, 2019Updated 6 years ago
- Execute an arbitrary command within the context of another process☆21Jun 28, 2019Updated 6 years ago
- inject shellcode into remote process via message hook☆15Oct 28, 2020Updated 5 years ago
- ⚙️ Map and execute EXE in memory☆12Dec 23, 2022Updated 3 years ago
- ☆14Sep 22, 2019Updated 6 years ago
- Мутация PE x86☆16Jun 2, 2019Updated 6 years ago
- 以shellcode注入其它驱动执行,躲避驱动签名检测,曾pubg项目中使用,,,当然现在,,,☆27Oct 19, 2022Updated 3 years ago
- A simple Windows kernel rootkit.☆96May 13, 2025Updated 9 months ago
- Some crazy PE executables protection kernel driver☆20May 2, 2020Updated 5 years ago
- XDNR is a X0R Cryptor along with DEC/N0T/R0R encoder plus random byte insertion encoder, that generates null free encrypted and encoded s…☆17Jul 12, 2022Updated 3 years ago
- Yet another Windows DLL injector.☆40Nov 17, 2021Updated 4 years ago
- GeSWall, Intrusion Prevention System for Windows☆22Jan 18, 2026Updated last month
- Example Windows Kernel-mode Driver which enumerates running processes.☆60Jul 17, 2022Updated 3 years ago
- A simple rootkit to hide a process☆47Jan 10, 2014Updated 12 years ago
- Debugger checks in 3 ways☆19Jan 25, 2018Updated 8 years ago
- ☆15Feb 9, 2018Updated 8 years ago
- Rootkit loader for your rootkit dll, x86/x64 system wide DLL injection (+appinit_dlls registry create) uses heavens gate☆22Jan 28, 2021Updated 5 years ago
- Protects deletion of files with a specified extension using a kernel-mode driver.☆76Jul 16, 2018Updated 7 years ago
- Call 32bit NtDLL API directly from WoW64 Layer☆62Nov 18, 2020Updated 5 years ago
- XssBot-Модульный резидентный бот с супер админкой☆11Jan 6, 2023Updated 3 years ago
- 🗜️ A packer for Windows x86 executable files written in C and Intel x86 Assembly. The new file after packing can obstruct reverse engine…☆355Oct 22, 2024Updated last year
- PE(compressed dll) memory loader using nt api☆46Jul 3, 2017Updated 8 years ago
- Small class to parse debug info from PEs, download their respective PDBs from the Microsoft Public Symbol Server and calculate RVAs of fu…☆44Apr 1, 2023Updated 2 years ago
- Фреймворк криптора/протектора с антиэмуляцией☆32Jun 15, 2019Updated 6 years ago