NtRaiseHardError / Lynx
Dodgy reflective DLL injector PoC for 32-bit Windows
☆15 · Updated 6 years ago
Related projects:
- Reflective DLL Injection style process infector ☆19 · Updated 6 years ago
- A demo implementation of a well-known technique used by some malware to evade userland hooking, using my library: libpeconv. ☆19 · Updated 6 years ago
- Kernel mode Windows NT API logger ☆21 · Updated 5 years ago
- User-mode process cross-checking utility intended to detect naive malware hiding itself by hooking IAT/EAT. ☆18 · Updated 8 years ago
- Code Injector Using Code Caves ☆14 · Updated 9 years ago
- Self-Loading Registration Free COM Functions ☆11 · Updated 4 years ago
- drvtriks kernel driver for Windows 7 SP1 and 8.1 x64, that tricks around in your system. ☆31 · Updated 6 years ago
- User-mode part of Zerokit platform ☆20 · Updated 5 years ago
- A MITM proxy server for reflective DLL injection through WinINet ☆15 · Updated 6 years ago
- Parser for a custom executable format from Hidden Bee malware (first stage) ☆39 · Updated last week
- Remote PE reflective injection with a simple reflective loader ☆28 · Updated 5 years ago
- Minimal Intervention and Software Transformation - PoC Packer designed for AV detection bypass ☆17 · Updated 6 years ago
- The Grum Spam Bot ☆20 · Updated 9 years ago
- A Win32 PE/Executable Crypter that employs on-the-fly encryption & decryption of memory ☆32 · Updated 10 years ago
- PoC for detecting and dumping process hollowing code injection ☆50 · Updated 5 years ago
- Common Malware Techniques ☆13 · Updated last year
- Sysprep Volatile Environment LPE (2017) ☆13 · Updated 2 years ago
- An example of PE hollowing injection technique ☆23 · Updated 5 years ago
- PoC for Bypassing UM Hooks By Bruteforcing Intel Syscalls ☆39 · Updated 8 years ago
- Kernel-Mode rootkit that connects to a remote server to send & recv commands ☆31 · Updated 6 years ago
- A ready-made template for a project based on libpeconv. ☆40 · Updated last year
- A Proof-of-Concept Win32 DLL that makes use of NetBIOS session token replay to propagate through a Windows Domain ☆24 · Updated 6 years ago