MoePus / wowHijack
Run some secret code invisible from debugger single step.(x86 process on x64 windows only)
☆24Updated 4 years ago
Related projects ⓘ
Alternatives and complementary repositories for wowHijack
- Call 32bit NtDLL API directly from WoW64 Layer☆60Updated 4 years ago
- Windows Injection 101: from Zero to ROP (HITCON 2017)☆27Updated 7 years ago
- Yet another windows syscall library☆18Updated 4 years ago
- ☆32Updated 3 years ago
- Windows Application Loader Running *.Exe files in Memory against Scrylla☆21Updated 4 years ago
- Windows 10 UAC bypass PoC using LaunchInfSection☆34Updated 6 years ago
- exploit termdd.sys(support kb4499175)☆57Updated 5 years ago
- An API Monitor based on Instrumentation☆42Updated 6 years ago
- Dump PDB Symbols including support for Bochs Debugging Format (with wine support)☆14Updated last year
- ☆12Updated 5 years ago
- Code Integrity Violation Spotter☆17Updated 5 months ago
- Yet another Windows DLL injector.☆38Updated 3 years ago
- Windbg extension that allows you analyze Control Flow Guard map☆36Updated 3 years ago
- Wow64 Heaven's Gate Hook☆26Updated 3 years ago
- vmware-backdoor☆33Updated 3 years ago
- Hooking the GDT - Installing a Call Gate. POC for Rootkit Arsenal Book Second Edition (version 2022)☆69Updated last year
- This is a POC for loading shared object directly from memory without accessing the actual Linux file system.☆22Updated 3 years ago
- Hook IDT vector 0xb2 to detect SCI in 64bit windows.☆33Updated 2 years ago
- Helper utility for debugging windows PE/PE+ loader.☆50Updated 9 years ago
- This is a simple driver with x64 inline assembly☆53Updated 4 years ago
- DirectNtApi - simple method to make ntapi function call without importing or walking export table. Work under Windows 7, 8 and 10☆52Updated 8 months ago
- HTTP/HTTPS/DNS inspector (windows driver)☆24Updated 5 years ago
- Library for using direct system calls☆35Updated 4 years ago
- A set of small utilities, helpers for PIN tracers☆31Updated last year
- automates exploits using ROP chains, using ntdll-scraper☆16Updated 2 years ago
- ☆13Updated last year
- r0ak ("roak") is the Ring 0 Army Knife -- A Command Line Utility To Read/Write/Execute Ring Zero on for Windows 10 Systems☆14Updated 5 years ago