PoC for detecting and dumping process hollowing code injection
☆52 · Oct 23, 2018 · Updated 7 years ago
Alternatives and similar repositories for UnRunPE
Users that are interested in UnRunPE are comparing it to the libraries listed below
- PoC for detecting and dumping code injection (built and extended on UnRunPE) ☆58 · Oct 23, 2018 · Updated 7 years ago
- ☆14 · Jan 10, 2017 · Updated 9 years ago
- ☆10 · Sep 29, 2019 · Updated 6 years ago
- Obtain remote process cookies by performing a brute-force attack on ntdll.RtlDecodePointer using known pointer encodings. ☆22 · May 31, 2017 · Updated 8 years ago
- ☆12 · Feb 19, 2017 · Updated 9 years ago
- Code injection by hijacking threads in Windows 32-bit applications ☆44 · Oct 3, 2018 · Updated 7 years ago
- Enumerate the DLLs/Modules using NtQueryVirtualMemory ☆32 · Jun 11, 2015 · Updated 10 years ago
- A Windows game hacking framework ☆42 · Sep 7, 2016 · Updated 9 years ago
- Tool to automatically make Cheat Engine attach to a process via the command line. ☆29 · Jun 25, 2017 · Updated 8 years ago
- ☆12 · May 12, 2014 · Updated 11 years ago
- Dodgy reflective DLL injector PoC for 32-bit Windows ☆17 · Aug 20, 2018 · Updated 7 years ago
- ☆41 · Jun 1, 2016 · Updated 9 years ago
- Event Tracing for Windows Custom Events ☆21 · Jan 28, 2015 · Updated 11 years ago
- Minifilter Driver ☆15 · Feb 10, 2017 · Updated 9 years ago
- IDA anti-anti-debugging plugin IDAStealth v1.3.3, created 06/28/2011, Jan Newger ☆21 · Apr 4, 2018 · Updated 7 years ago
- Modify process handle permissions ☆61 · Nov 30, 2016 · Updated 9 years ago
- A driverless driver that is supposed to be manually mapped, usually by using TDL exploit. The driver shows how to read/write to any proce… ☆22 · Oct 27, 2017 · Updated 8 years ago
- UI application that can compare PE images in memory or in raw PE file ☆19 · Feb 17, 2014 · Updated 12 years ago
- ☆24 · Nov 17, 2017 · Updated 8 years ago
- ☆14 · May 1, 2021 · Updated 4 years ago
- My research environment based off of Microsoft's Singularity RDK/ Verve. ☆16 · Nov 27, 2016 · Updated 9 years ago
- A tool to help malware analysts tell that the sample is injecting code into other process. ☆78 · Aug 12, 2015 · Updated 10 years ago
- The Network project is a C++ encapsulation of WinSock2 to form a lightweight network library; The Graphics project is a C++ encapsulation… ☆13 · Oct 31, 2017 · Updated 8 years ago
- An Ark tool project, runs on Win7 x86/x64 ☆118 · Jul 11, 2017 · Updated 8 years ago
- Notes on my learning steps about Windows NT ☆23 · May 18, 2017 · Updated 8 years ago
- Scanning and identifying XOR encrypted PE files in PE resources ☆30 · Jun 22, 2014 · Updated 11 years ago
- Reflective DLL Injection style process infector ☆20 · Jul 23, 2018 · Updated 7 years ago
- ☆27 · May 27, 2017 · Updated 8 years ago
- Hyper-V virtual switch packet capturing extension with libpcap / Wireshark format ☆13 · Jun 3, 2014 · Updated 11 years ago
- Windows inject ☆16 · Jun 7, 2018 · Updated 7 years ago
- Automatically exported from code.google.com/p/bypass-x64-dse ☆21 · Oct 1, 2015 · Updated 10 years ago
- Protects deletion of files with a specified extension using a kernel-mode driver. ☆76 · Jul 16, 2018 · Updated 7 years ago
- ☆34 · Jul 28, 2018 · Updated 7 years ago
- My take on the capcom driver vulnerability ☆28 · Aug 7, 2017 · Updated 8 years ago
- Windows device tree walker ☆15 · Sep 19, 2018 · Updated 7 years ago
- A system call tracer ☆10 · Sep 22, 2014 · Updated 11 years ago
- bmod parses binaries for modification/patching and disassembles machine code sections. ☆12 · Apr 19, 2018 · Updated 7 years ago
- Confirms the capability of Hardware-Accelerated Virtualization Technology. ☆10 · Updated this week
- Analyze the content of PE files on Windows, and shell (pack) function for Windows drivers. ☆11 · Nov 9, 2018 · Updated 7 years ago