Nero22k / Process-Injections-Techniques

Related projects: ⓘ

• ORCA666 / KCTHIJACK
  ☆43Updated this week
• hid3rx / GhostWriting
  ☆22Updated last year
• jbaines-r7 / dellicious
  Enabled / Disable LSA Protection via BYOVD
  ☆61Updated 2 years ago
• XaFF-XaFF / ZwProcessHollowing
  ZwProcessHollowing is a x64 process hollowing project which uses direct systemcalls, dll unhooking and RC4 payload decryption
  ☆79Updated last year
• FULLSHADE / AntiDebugging
  ☆29Updated this week
• rad9800 / VehApiResolve
  ☆96Updated 2 years ago
• bananabr / Givemeahand
  A PoC tool for exploiting leaked process and thread handles
  ☆30Updated 7 months ago
• loneicewolf / KernelMode-Code
  2022 Updated Kernelmode-Code
  ☆29Updated 5 months ago
• st4ckh0und / hook-buster
  A compact tool for detecting AV/EDR hooks in default Windows libraries.
  ☆29Updated 2 years ago
• Idov31 / UdpInspector
  Listing UDP connections with remote address without sniffing.
  ☆30Updated 11 months ago
• pr0tean / TelemetrySourcerer-patched
  Tiny driver patch to allow kernel callbacks to work on Win10 21h1
  ☆31Updated 2 years ago
• AlionGreen / apc-injection
  Process Injection: APC Injection
  ☆27Updated 3 years ago
• whokilleddb / A-Study-in-Obfuscation
  A Study in Obfuscation: Analyzing the effect of various techniques to bypass AV engines
  ☆41Updated last year
• trickster0 / CReadMemory
  Read Memory without ReadProcessMemory for Current Process
  ☆73Updated 2 years ago
• mobdk / CloneProcess
  Clone running process with ZwCreateProcess
  ☆58Updated 3 years ago
• iammaguire / Salient-Rootkit
  A kernel mode Windows rootkit in development.
  ☆49Updated 2 years ago
• NUL0x4C / D-R-Shellcode
  ☆23Updated this week
• rad9800 / BloatedHammer
  API Hammering with C++20
  ☆34Updated 2 years ago
• ethereal-vx / Persistence
  Recreating and reviewing the Windows persistence methods
  ☆39Updated 2 years ago
• NtQuerySystemInformation / NlsCodeInjectionThroughRegistry
  Dll injection through code page id modification in registry. Based on jonas lykk research
  ☆116Updated last year
• SaadAhla / BlockNonMSModules
  Set the process mitigation policy for loading only Microsoft Modules , and block any userland 3rd party modules
  ☆41Updated last year
• realoriginal / bootdoor
  An initial proof of concept of a bootkit based on Cr4sh's DMABackdoorBoot
  ☆56Updated last year
• knight0x07 / BumbleCrypt
  A Bumblebee-inspired Crypter
  ☆79Updated last year
• MahmoudZohdy / Anti-Analysis-DebuggerInjection
  Anti-Analysis technique, trick the debugger by Hiding events from it.
  ☆18Updated 3 years ago
• maziland / StackBombing
  Next gen process injection technique
  ☆41Updated 4 years ago
• namazso / PEDiffGen
  Subtract one PE file from another!
  ☆19Updated 2 years ago
• PaulNorman01 / Dynamizer
  Reduce Dynamic Analysis Detection Rates With Built-In Unhooker, Anti Analysis Techniques, And String Obfuscator Modules.
  ☆18Updated last year
• AzAgarampur / byeintegrity4-uac
  Bypass UAC by abusing the Windows Defender Firewall Control Panel, environment variables, and shell protocol handlers
  ☆16Updated 3 years ago
• D1rkMtr / VMwareHunting
  ☆13Updated this week
• CitrusIce / ksc4cpp
  ksc4cpp is a shellcode framework for windows kernel based on C++
  ☆21Updated last year