A novel technique to hide code from debuggers & disassemblers
☆161Aug 9, 2024Updated last year
Alternatives and similar repositories for 0pack
Users that are interested in 0pack are comparing it to the libraries listed below
Sorting:
- Zerokit/GAPZ rootkit (non buildable and only for researching)☆185Mar 30, 2019Updated 6 years ago
- ☆14Aug 15, 2018Updated 7 years ago
- Public documents related to my talk "Bypass Windows Exploit Guard ASR" at Offensive Con 2019.☆94Feb 24, 2019Updated 7 years ago
- IDA 7.0 meets watch view!☆43Sep 6, 2021Updated 4 years ago
- PoC for CVE-2019-0888 - Use-After-Free in Windows ActiveX Data Objects (ADO)☆40Jul 9, 2019Updated 6 years ago
- Green shellcode challenge tools☆22Apr 9, 2019Updated 6 years ago
- A tiny PoC to inject and execute code into explorer.exe with WM_SETTEXT+WM_COPYDATA+SetThreadContext☆53Apr 29, 2018Updated 7 years ago
- easy to use vtable hook with RTTI support☆23Nov 12, 2019Updated 6 years ago
- Wow64 syscall hook☆43May 28, 2017Updated 8 years ago
- Tool for injecting a "TCP Relay" managed assembly into unmanaged processes☆117May 23, 2019Updated 6 years ago
- Manual PE image mapper☆66Aug 29, 2013Updated 12 years ago
- An example of how x64 kernel shellcode can dynamically find and use APIs☆104May 14, 2020Updated 5 years ago
- exploit termdd.sys(support kb4499175)☆61Jul 15, 2019Updated 6 years ago
- MouHidInputHook enables users to filter, modify, and inject mouse input data packets into the input data stream of HID USB mouse devices …☆11Jul 11, 2019Updated 6 years ago
- Virtual Machine Introspection, Tracing & Debugging☆596Feb 22, 2022Updated 4 years ago
- use crystalCPUID to identify vt-x & amd-v☆17Apr 8, 2015Updated 10 years ago
- Retrieve pointers to undocumented kernel functions and offsets to members within undocumented structures to use in your driver by using t…☆65Jun 19, 2019Updated 6 years ago
- Adds a user-mode asynchronous procedure call (APC) object to the APC queue of the specified thread and spoof the Parent Process.☆158Jun 10, 2019Updated 6 years ago
- Code injection via delay load libraries☆36Sep 20, 2017Updated 8 years ago
- ☆24Mar 4, 2019Updated 7 years ago
- Reverse engineering tool for automatic structure recovering and memory use analysis based on DynamoRIO and Capstone☆324Aug 12, 2019Updated 6 years ago
- hook msr by amd svm☆125Dec 30, 2019Updated 6 years ago
- Advanced Portable Executable File Analyzer And Disassembler 32 & 64 Bit☆100Apr 15, 2019Updated 6 years ago
- Windows 10 UAC bypass PoC using LaunchInfSection☆35Aug 3, 2018Updated 7 years ago
- Shell utility to list colorfully show what processes are listening on what ports.☆19Aug 17, 2019Updated 6 years ago
- ☆179Nov 25, 2018Updated 7 years ago
- ☆12Feb 19, 2017Updated 9 years ago
- usermode standalone kernel interface☆111Jul 9, 2018Updated 7 years ago
- Stealthy Injector that leverages a vulnerable driver and other exploits to remain undetected☆37Dec 10, 2018Updated 7 years ago
- I Know Where Your Page Lives: Derandomizing the latest Windows 10 Kernel - ZeroNights 2016☆172Dec 7, 2016Updated 9 years ago
- A simple DLL that can intercept HID messages and pass them on to the real HID DLL, while logging the data.☆23Oct 3, 2014Updated 11 years ago
- ☆22Jul 6, 2018Updated 7 years ago
- A Fuzzer for Windows NDIS Drivers OID Handlers☆96Nov 4, 2021Updated 4 years ago
- Reverse engineering toolkit for exploit/malware analysis☆35May 10, 2020Updated 5 years ago
- enable libemu run pe file and add some good modify☆14Feb 4, 2019Updated 7 years ago
- init☆14Mar 16, 2020Updated 5 years ago
- makin - reveal anti-debugging and anti-VM tricks [This project is not maintained anymore]☆743Mar 17, 2019Updated 6 years ago
- Debugger extension for the Debugging Tools for Windows (WinDbg, KD, CDB, NTSD).☆69Nov 14, 2016Updated 9 years ago
- Signedness-Agnostic Strided-Interval☆38Jun 21, 2019Updated 6 years ago