Microwave89 / createuserprocessLinks
Three Tiny Examples of Directly Using Vista's NtCreateUserProcess
☆87Updated 9 years ago
Alternatives and similar repositories for createuserprocess
Users that are interested in createuserprocess are comparing it to the libraries listed below
Sorting:
- Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999☆219Updated 5 years ago
- Simple project that demonstrates how an ETW consumer can be created just by using NTDLL☆143Updated 6 years ago
- Resolve DOS MZ executable symbols at runtime☆95Updated 3 years ago
- ☆32Updated 6 years ago
- APC Internals Research Code☆166Updated 4 years ago
- An example of a client and server using Windows' ALPC functions to send and receive data.☆96Updated 5 months ago
- Simple 32/64-bit PEs loader.☆138Updated 6 years ago
- ntdll.h - compatible with MSVC 6.0, Intel C++ Compiler and MinGW. Serves as a complete replacement for Windows.h☆140Updated 6 years ago
- Retrieve pointers to undocumented kernel functions and offsets to members within undocumented structures to use in your driver by using t…☆60Updated 6 years ago
- A PoC designed to bypass all usermode hooks in a WoW64 environment.☆150Updated 4 years ago
- A driver that hooks C: volume using symbolic link callback to track all FS access to the volume☆108Updated 5 years ago
- CallMon is an experimental system call monitoring tool that works on Windows 10 versions 2004+ using PsAltSystemCallHandlers☆143Updated 4 years ago
- Multi-purpose proof-of-concept tool based on CPU-Z CVE-2017-15303☆109Updated 7 years ago
- Process Hollowing for 32 bit and 64 bit☆79Updated 7 years ago
- File system minifilter driver for Windows to block symbolic link attacks.☆51Updated 4 years ago
- codes for my blog post: https://secrary.com/Random/InstrumentationCallback/☆177Updated 7 years ago
- Process Doppelgänging☆158Updated 7 years ago
- Standalone program to download PDB Symbol files for debugging without WDK☆76Updated 6 years ago
- API Set resolver for Windows☆135Updated 9 months ago
- Miscellaneous Code and Docs☆81Updated last year
- A collection of tools, source code, and papers researching Windows' implementation of CET.☆84Updated 4 years ago
- An example of how x64 kernel shellcode can dynamically find and use APIs☆106Updated 5 years ago
- Reverse engineered source code of the autochk rootkit☆202Updated 5 years ago
- PoC designed to evade userland-hooking anti-virus.☆88Updated 6 years ago
- Translates WinDbg "dt" structure dump to a C structure☆128Updated 8 years ago
- ☆127Updated 8 months ago
- Recreation of GetProcAddress without external dependencies on Windows Libraries☆90Updated 9 years ago
- A modern c++ implementation of windows heavens gate☆224Updated 4 years ago
- Weaponizing Gigabyte driver for priv escalation and bypass PPL☆68Updated 5 years ago
- Documenting system information classes and their uses☆51Updated 3 years ago