PoC designed to evade userland-hooking anti-virus.
☆90 · May 15, 2019 · Updated 6 years ago
Alternatives and similar repositories for AntiHook
Users that are interested in AntiHook are comparing it to the libraries listed below
- Protects deletion of files with a specified extension using a kernel-mode driver. ☆76 · Jul 16, 2018 · Updated 7 years ago
- Program to leak anti-virus behaviour and such ☆14 · Apr 18, 2019 · Updated 6 years ago
- Fileless persistence, attacks and anti-forensic capabilities. ☆92 · Dec 6, 2018 · Updated 7 years ago
- Minimal Intervention and Software Transformation - PoC Packer designed for AV detection bypass ☆18 · Nov 4, 2017 · Updated 8 years ago
- Research on Anti-malware and other related security solutions ☆265 · Jul 25, 2020 · Updated 5 years ago
- Reflective DLL Injection style process infector ☆20 · Jul 23, 2018 · Updated 7 years ago
- Introductory software reverse engineering tutorial for beginners ☆36 · Jun 2, 2019 · Updated 6 years ago
- ☆37 · May 9, 2019 · Updated 6 years ago
- Simple packer for arbitrary data using only .NET API calls. Produces a unique signature with every usage. Standalone program and library.… ☆94 · Apr 27, 2019 · Updated 6 years ago
- ☆36 · Mar 11, 2019 · Updated 6 years ago
- Files related to my presentation at SigSegV2 conference in 2019. You can find related papers on my blog ☆13 · Dec 12, 2019 · Updated 6 years ago
- Dodgy reflective DLL injector PoC for 32-bit Windows ☆17 · Aug 20, 2018 · Updated 7 years ago
- NINA: No Injection, No Allocation x64 Process Injection Technique ☆227 · Jun 9, 2020 · Updated 5 years ago
- Example Loader to be used as a learning resource for people interested in how commercially available malware is made on a very basic leve… ☆70 · May 9, 2019 · Updated 6 years ago
- A Catalog of Application Whitelisting Bypass Techniques ☆32 · Nov 11, 2014 · Updated 11 years ago
- Create a C++ PE which loads an XTEA-crypted .NET PE shellcode in memory. ☆17 · Sep 29, 2018 · Updated 7 years ago
- A multi-staged malware that contains a kernel mode rootkit and a remote system shell. ☆75 · May 20, 2021 · Updated 4 years ago
- PoC for detecting and dumping process hollowing code injection ☆52 · Oct 23, 2018 · Updated 7 years ago
- Penetration Test / Red Team - C# tools repository ☆55 · Dec 23, 2021 · Updated 4 years ago
- Zerokit/GAPZ rootkit (non buildable and only for researching) ☆185 · Mar 30, 2019 · Updated 6 years ago
- ☆33 · Aug 10, 2019 · Updated 6 years ago
- AppXSVC Service race condition - privilege escalation ☆30 · Jul 30, 2019 · Updated 6 years ago
- Simple remote administration tool. Written in C++ and MASM. ☆18 · May 16, 2018 · Updated 7 years ago
- A Tool For Crypt File And Bypass AntiVirus Even msfvenom Payloads ☆19 · Sep 6, 2019 · Updated 6 years ago
- RunPE using Hell's Gate technique. ☆32 · Dec 4, 2020 · Updated 5 years ago
- Hide DLL / Hide Module / Hide Dynamic Link Library ☆108 · May 28, 2019 · Updated 6 years ago
- Disabling Windows Defender & downloading payload ☆21 · Jul 28, 2020 · Updated 5 years ago
- Resources from my journey into Windows binary exploitation ☆24 · Jan 14, 2019 · Updated 7 years ago
- Techniques that I have used to evade anti-virus during pen tests. ☆13 · May 29, 2018 · Updated 7 years ago
- Three Tiny Examples of Directly Using Vista's NtCreateUserProcess ☆89 · Nov 9, 2015 · Updated 10 years ago
- Live hunting of code injection techniques ☆385 · Aug 22, 2019 · Updated 6 years ago
- ☆24 · Jul 24, 2020 · Updated 5 years ago
- Simple library to handle PE files loading, relocating, get/set data, ..., in addition to process handling ☆32 · Aug 7, 2019 · Updated 6 years ago
- PoC code from blog ☆16 · Mar 10, 2020 · Updated 5 years ago
- Code Injector Using Code Caves ☆15 · Jul 12, 2015 · Updated 10 years ago
- Reverse engineered source code of the autochk rootkit ☆210 · Nov 1, 2019 · Updated 6 years ago
- A session-0 capable dll injection utility ☆76 · Apr 18, 2018 · Updated 7 years ago
- Python script to patch the reflective stub in a DLL ☆24 · Apr 9, 2017 · Updated 8 years ago
- A tool that reads a PE file from a byte array buffer and injects it into memory. ☆28 · Aug 5, 2019 · Updated 6 years ago