A simple way to spoof return addresses using an exception handler
☆44Aug 3, 2022Updated 3 years ago
Alternatives and similar repositories for Exception-Ret-Spoofing
Users that are interested in Exception-Ret-Spoofing are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Hijack NotifyRoutine for a kernelmode thread☆41Jun 4, 2022Updated 3 years ago
- Walks through the 4-level paging structures in Windows x64☆13Feb 12, 2023Updated 3 years ago
- A minimalistic way to spoof return addresses without using exceptions☆18Jul 26, 2022Updated 3 years ago
- x64 assembler library☆31Jun 7, 2024Updated last year
- Compileable POC of namazso's x64 return address spoofer.☆50Jun 10, 2020Updated 5 years ago
- ☆12Oct 12, 2021Updated 4 years ago
- Easy to include string and wstring obfuscation☆23Mar 12, 2022Updated 4 years ago
- A simple MmCopyMemory hook.☆38Jul 11, 2022Updated 3 years ago
- ☆17Apr 18, 2023Updated 2 years ago
- clearing traces of a loaded driver☆47Jul 2, 2022Updated 3 years ago
- Mapping your code on a 0x1000 size page☆71May 20, 2022Updated 3 years ago
- Bootkits☆19Sep 13, 2023Updated 2 years ago
- Simulate SendInput with ClassService☆35Sep 5, 2018Updated 7 years ago
- Handling C++ & __try exceptions without the need of built-in handlers.☆77Aug 28, 2021Updated 4 years ago
- An example code of CiGetCertPublisherName☆16Mar 24, 2022Updated 3 years ago
- Interprocess communication via a covert timing channel☆26Oct 24, 2025Updated 4 months ago
- Experimental disassembler for x86 binaries virtualized by VMProtect 3☆98Aug 27, 2022Updated 3 years ago
- Simple Demo of using Windows Hypervisor Platform☆29Jul 14, 2025Updated 8 months ago
- Drawing from kernelmode without any hooks☆174Jul 7, 2022Updated 3 years ago
- A proof of concept demonstrating instrumentation callbacks on Windows 10 21h1 with a TLS variable to ensure all syscalls are caught.☆158Nov 14, 2021Updated 4 years ago
- automates exploits using ROP chains, using ntdll-scraper☆16May 26, 2022Updated 3 years ago
- pdb's function and global vars to offset☆10Apr 11, 2023Updated 2 years ago
- ☆34Aug 7, 2023Updated 2 years ago
- https://key08.com/index.php/2021/10/19/1375.html☆71May 11, 2022Updated 3 years ago
- ☆20Mar 15, 2023Updated 3 years ago
- A better way to write shell code☆11May 28, 2021Updated 4 years ago
- ☆36Mar 27, 2022Updated 3 years ago
- A general solution to simulate execution of virtualized instructions (vmprotect/themida, etc.).☆77Feb 9, 2022Updated 4 years ago
- POC Hook of nt!HvcallCodeVa☆54May 8, 2023Updated 2 years ago
- A simple example how to decrypt kernel debugger data block☆32Feb 8, 2021Updated 5 years ago
- Fast covert timing channel communication for inter-process and inter-processor communication on Windows systems.☆69Nov 15, 2025Updated 4 months ago
- Bypassing EasyAntiCheat.sys self-integrity by abusing call hierarchy☆82Oct 6, 2022Updated 3 years ago
- Walks the Process' VAD list to grab the PTE's corresponding to a usermode virtual address, all to get the physical address☆23Nov 22, 2021Updated 4 years ago
- Disable threat tracing from the kernel..☆14Apr 8, 2022Updated 3 years ago
- hooking KiUserApcDispatcher☆27Apr 3, 2017Updated 8 years ago
- codes for my blog post: https://secrary.com/Random/InstrumentationCallback/☆182Nov 30, 2017Updated 8 years ago
- Visual Studio Project example for using Microsoft's STL in WDM (Windows Kernel-mode Driver)☆25Jun 22, 2021Updated 4 years ago
- ☆137Aug 6, 2022Updated 3 years ago
- Detect removed thread from PspCidTable.☆75Mar 18, 2022Updated 4 years ago