OmerYa / ROPInjectorLinks
Rite Of Passage ROP Injector
☆34Updated 6 years ago
Alternatives and similar repositories for ROPInjector
Users that are interested in ROPInjector are comparing it to the libraries listed below
Sorting:
- A novel technique to communicate between threads using the standard ETHREAD structure☆114Updated 4 years ago
- Clone running process with ZwCreateProcess☆58Updated 4 years ago
- Sysmon shenanigans☆66Updated 4 years ago
- ☆36Updated 3 years ago
- A modified RunPE (process hollowing) technique avoiding the usage of SetThreadContext by appending a TLS section which calls the original…☆98Updated 6 years ago
- ☆15Updated 4 years ago
- Recreating and reviewing the Windows persistence methods☆39Updated 3 years ago
- NT AUTHORITY\SYSTEM☆39Updated 5 years ago
- An attempt to restore and adapt to modern Win10 version the 'Rootkit Arsenal' original code samples☆71Updated 3 years ago
- ☆83Updated last year
- A small commented POC for removing API hooks placed by AV/EDR.☆34Updated 5 years ago
- A multi-staged malware that contains a kernel mode rootkit and a remote system shell.☆74Updated 4 years ago
- Windows GPU rootkit PoC by Team Jellyfish☆37Updated 10 years ago
- Piece of code to detect and remove hooks in IAT☆64Updated 3 years ago
- Weaponizing Gigabyte driver for priv escalation and bypass PPL☆69Updated 6 years ago
- Example for PagedOut!☆25Updated 5 years ago
- Parser for a custom executable formats from Hidden Bee and Rhadamanthys malware☆56Updated last month
- ☆31Updated 5 years ago
- ☆37Updated 6 years ago
- Six cases demonstrating methods of optimizing GetProcAddress☆18Updated 3 years ago
- Local OXID Resolver (LCLOR) : Research and Tooling☆35Updated 4 years ago
- A Practical example of ELAM (Early Launch Anti-Malware)☆35Updated 3 years ago
- ☆70Updated 8 months ago
- Designed to learn OS specific anti-emulation patterns by fuzzing the Windows API.☆99Updated 5 years ago
- https://blog.f-secure.com/hiding-malicious-code-with-module-stomping/☆121Updated 6 years ago
- Bypass UAC by abusing the Security Center CPL and hijacking a shell protocol handler☆29Updated 4 years ago
- A simple dumper as FreshyCalls' PoC. That's what's trendy, isn't it? ¯\_(ツ)_/¯☆39Updated 4 years ago
- ☆114Updated 3 years ago
- Process Injection without R/W target memory and without creating a remote thread☆19Updated 3 years ago
- Various tools, PoCs and experiments related to my blog at https://www.forrest-orr.net/☆39Updated 4 years ago