Microwave89 / syscalltest
PoC for Bypassing UM Hooks By Bruteforcing Intel Syscalls
☆39Updated 8 years ago
Related projects: ⓘ
- PCAUSA Rawether for Windows Local Privilege Escalation☆36Updated 7 years ago
- A demo implementation of a well-known technique used by some malware to evade userland hooking, using my library: libpeconv.☆19Updated 6 years ago
- Bypass for the hardening against usage of tagWnd as a kernel read/write primitive☆25Updated 7 years ago
- ☆29Updated this week
- Adding exceptions to Microsoft's Control Flow Guard (CFG)☆58Updated 8 years ago
- Experimental Windows .text section Patch Detector☆20Updated 9 years ago
- Old exploits and code for my self-referencing PML4 technique (2014)☆30Updated 9 years ago
- Anti-AV compilation☆42Updated 10 years ago
- ☆46Updated 7 years ago
- ☆22Updated 7 years ago
- Automatically exported from code.google.com/p/ioctlbf☆16Updated 9 years ago
- Public repository for HEVD exploits☆20Updated 6 years ago
- Anti-technique Codes, Detection of Anti-technique codes☆36Updated 10 years ago
- ☆49Updated this week
- ☆33Updated 6 years ago
- Python script to inject and run shellcodes through TLS callbacks☆50Updated 9 years ago
- ☆45Updated 6 years ago
- The Minimalistic x86/x64 API Hooking Library for Windows☆32Updated 6 years ago
- Flare-On solutions☆36Updated 4 years ago
- ☆21Updated this week
- ☆42Updated this week
- ☆51Updated 7 years ago
- My conference presentations and publications☆26Updated 2 years ago
- Malware Analysis, Anti-Analysis, and Anti-Anti-Analysis☆43Updated 7 years ago
- Malware monitor template based on MinHook☆16Updated 9 years ago
- Shim database persistence (Fin7 TTP)☆35Updated 4 years ago
- ☆44Updated this week
- Windows kernel vulnerability in win32k.sys Driver☆34Updated 8 years ago
- The Grum Spam Bot☆20Updated 9 years ago
- Hansel - a simple but flexible search for IDA☆25Updated 5 years ago