A minimalistic way to spoof return addresses without using exceptions
☆19Jul 26, 2022Updated 3 years ago
Alternatives and similar repositories for Ret-Spoofing
Users that are interested in Ret-Spoofing are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Illustrates the concept of return address spoofing, and how it is used.☆14May 13, 2020Updated 5 years ago
- ☆41Mar 23, 2023Updated 3 years ago
- A simple way to spoof return addresses using an exception handler☆45Aug 3, 2022Updated 3 years ago
- Hijack NotifyRoutine for a kernelmode thread☆41Jun 4, 2022Updated 3 years ago
- PointerGuard is a proof-of-concept tool used to create 'guarded' pointers which disguise pointer addresses, monitor reads/writes, and pre…☆57May 23, 2022Updated 3 years ago
- Simple, predictable pricing with DigitalOcean hosting • AdAlways know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
- A C++ wrapper for icedx86 decoder☆49Jul 28, 2025Updated 9 months ago
- Decoder for VMProtect hwids☆18Aug 1, 2022Updated 3 years ago
- ☆50Apr 19, 2020Updated 6 years ago
- ☆23Oct 18, 2021Updated 4 years ago
- A simple MmCopyMemory hook.☆37Jul 11, 2022Updated 3 years ago
- Using the peculiar behaviour of the VPGATHER instructions to determine if an address will fault before it is truly accessed. All done in …☆55Dec 30, 2025Updated 4 months ago
- Compileable POC of namazso's x64 return address spoofer.☆51Jun 10, 2020Updated 5 years ago
- Walks the Process' VAD list to grab the PTE's corresponding to a usermode virtual address, all to get the physical address☆23Nov 22, 2021Updated 4 years ago
- Hygieia, a vulnerable driver traces scanner written in C++ as an x64 Windows kernel driver.☆148Feb 12, 2022Updated 4 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- A wrapper class to hide the original calling address of a function☆56Aug 9, 2020Updated 5 years ago
- Simple anti-instrumentation with EFLAGS.AC☆17Mar 31, 2025Updated last year
- Just check hypervisor in ring0☆14Jun 7, 2023Updated 2 years ago
- C/C++ example of InjectMouseInput function☆35Apr 17, 2021Updated 5 years ago
- A high-fidelity x86_64 polymorphic mutation engine focused on instruction-level fragmentation and context preservation.☆110Jan 18, 2026Updated 3 months ago
- Walks through the 4-level paging structures in Windows x64☆14Feb 12, 2023Updated 3 years ago
- Based off of [tarekwiz / League-Unpacker]☆22Aug 26, 2023Updated 2 years ago
- VEH Redirect & VEH Debugger☆23May 18, 2020Updated 5 years ago
- Simple IOCTL hooking driver for Kernel- User - Mode communication.☆11Jul 26, 2020Updated 5 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- POC of PPID spoofing using NtCreateUserProcess with syscalls to create a suspended process and performing process injection by overwritti…☆43Sep 23, 2021Updated 4 years ago
- ☆136Aug 6, 2022Updated 3 years ago
- Pointer encryption library in rust.☆18Apr 13, 2025Updated last year
- Handling C++ & __try exceptions without the need of built-in handlers.☆77Aug 28, 2021Updated 4 years ago
- ☆10Jul 18, 2022Updated 3 years ago
- Some drivers I've written while solving exercises from Practical Reverse Engineering☆15Jan 9, 2022Updated 4 years ago
- Helper scripts for windows debugging with symbols for Bochs and IDA Pro (PDB files). Very handy for user mode <--> kernel mode☆19Aug 11, 2023Updated 2 years ago
- A proof of concept demonstrating instrumentation callbacks on Windows 10 21h1 with a TLS variable to ensure all syscalls are caught.☆160Nov 14, 2021Updated 4 years ago
- Small c++ basic packet sniffer for TCP, UDP, IGMP, and Others. Built for learning purposes.☆27Oct 12, 2016Updated 9 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Cube World Reversing & Cheat (x64) - Include IDA file and unpacked game☆13Aug 1, 2023Updated 2 years ago
- An example code of CiGetCertPublisherName☆16Mar 24, 2022Updated 4 years ago
- This tool will allow you to spoof the return addresses of your functions as well as system functions.☆562Nov 12, 2022Updated 3 years ago
- Expanding Kernel Lazy Importer☆33Feb 16, 2023Updated 3 years ago
- BattlEye kernel module bypass☆178Oct 1, 2022Updated 3 years ago
- "Bypassing" HVCI via donor PFN swaps to modify read-only code pages. Call chained kernel functions (kCET and SLAT support), and more.☆120Mar 16, 2026Updated last month
- Old project (2020) reformed. Modifies gRT->GetVariable sub function from EFI_APPLICATION. Tested on Win10 22H2 (AMD).☆57Feb 28, 2024Updated 2 years ago