NtRaiseHardError / Anti-Delete
Protects files with a specified extension from deletion using a kernel-mode driver.
☆76 Jul 16, 2018 Updated 7 years ago
Alternatives and similar repositories for Anti-Delete
Users that are interested in Anti-Delete are comparing it to the libraries listed below
- Kernel-mode file scanner ☆19 Jul 16, 2018 Updated 7 years ago
- PoC designed to evade userland-hooking anti-virus. ☆90 May 15, 2019 Updated 6 years ago
- Program to leak anti-virus behaviour and such ☆14 Apr 18, 2019 Updated 6 years ago
- Minimal Intervention and Software Transformation - PoC Packer designed for AV detection bypass ☆18 Nov 4, 2017 Updated 8 years ago
- A packet filtering and blocking program implemented with WinDivert ☆13 Jul 22, 2018 Updated 7 years ago
- Notes on my learning steps about Windows-NT ☆23 May 18, 2017 Updated 8 years ago
- Reflective DLL Injection style process infector ☆20 Jul 23, 2018 Updated 7 years ago
- ☆12 Feb 19, 2017 Updated 8 years ago
- Fileless persistence, attacks and anti-forensic capabilities. ☆92 Dec 6, 2018 Updated 7 years ago
- IDA anti-anti-debugging plugin IDAStealth v1.3.3, created 06/28/2011, Jan Newger ☆21 Apr 4, 2018 Updated 7 years ago
- PoC for detecting and dumping process hollowing code injection ☆52 Oct 23, 2018 Updated 7 years ago
- Windows device tree walker ☆15 Sep 19, 2018 Updated 7 years ago
- x64 Kernel Hooks Detection ☆24 Jan 1, 2017 Updated 9 years ago
- XTEA3 encryption library in C++ ☆14 Jul 6, 2019 Updated 6 years ago
- Win7 APC injection; does not support Win10 ☆18 Mar 29, 2019 Updated 6 years ago
- Wow64 syscall hook ☆42 May 28, 2017 Updated 8 years ago
- ☆18 Oct 12, 2014 Updated 11 years ago
- PoC for detecting and dumping code injection (built and extended on UnRunPE) ☆58 Oct 23, 2018 Updated 7 years ago
- Hide Driver By MiProcessLoaderEntry ☆294 May 17, 2019 Updated 6 years ago
- Provides a way which you can load a .NET dll/exe from disk, modify/inject IL, and then run the assembly all in memory without modifying t… ☆29 Mar 31, 2017 Updated 8 years ago
- ☆34 Jul 28, 2018 Updated 7 years ago
- Reverse engineered source code of the autochk rootkit ☆208 Nov 1, 2019 Updated 6 years ago
- Dodgy reflective DLL injector PoC for 32-bit Windows ☆17 Aug 20, 2018 Updated 7 years ago
- hooking KiUserApcDispatcher ☆25 Apr 3, 2017 Updated 8 years ago
- A simple DLL that can intercept HID messages and pass them on to the real HID DLL, while logging the data. ☆22 Oct 3, 2014 Updated 11 years ago
- A tool to help malware analysts tell that the sample is injecting code into another process. ☆78 Aug 12, 2015 Updated 10 years ago
- This project demonstrates an illegal read and write access to the kernel-mode data for both allocated by 3rd party drivers and EPROCESS … ☆13 Mar 6, 2018 Updated 7 years ago
- Kernel Shellcode to add all privileges in token ☆15 Mar 13, 2017 Updated 8 years ago
- HadesMem is a C++-based memory hacking library for Windows based applications, with the goal of providing a safe, generic, powerful, and … ☆28 Jan 7, 2015 Updated 11 years ago
- Source code for intercepting web access at the driver level ☆30 Apr 2, 2018 Updated 7 years ago
- Windows 10 kernel and ntdll internal types, directly compatible with ida. ☆53 Oct 14, 2018 Updated 7 years ago
- Exploiting CPU-Z Driver To Turn Load Unsigned Drivers ☆131 Aug 10, 2017 Updated 8 years ago
- Anti-technique Codes, Detection of Anti-technique codes ☆37 Oct 27, 2013 Updated 12 years ago
- A simple ransomware defender. It uses a minifilter to filter "rewrite" and "delete" events in the kernel, and it handles events in user mode. ☆27 Aug 14, 2018 Updated 7 years ago
- A session-0 capable dll injection utility ☆76 Apr 18, 2018 Updated 7 years ago
- A research project about Windows notify routines. ☆38 Jul 31, 2020 Updated 5 years ago
- Code injection by hijacking threads in Windows 32-bit applications ☆43 Oct 3, 2018 Updated 7 years ago
- This project has been moved from a private repository. ☆11 May 4, 2018 Updated 7 years ago
- Globally adds some features to Windows windows. ☆21 May 1, 2019 Updated 6 years ago