RedSection / printjacker
Hijack Printconfig.dll to execute shellcode
☆98Updated 4 years ago
Alternatives and similar repositories for printjacker:
Users that are interested in printjacker are comparing it to the libraries listed below
- ☆50Updated 4 years ago
- Injects shellcode into remote processes using direct syscalls☆77Updated 4 years ago
- A simple COM server which provides a component to run shellcode☆134Updated 4 years ago
- Kernel file/process/object tool☆66Updated 3 years ago
- Windows PE - TLS (Thread Local Storage) Injector in C/C++☆105Updated 4 years ago
- POC of PPID spoofing using NtCreateUserProcess with syscalls to create a suspended process and performing process injection by overwritti…☆40Updated 3 years ago
- SLib is a sandbox evasion library that implements some of the checks from https://evasions.checkpoint.com in C#☆64Updated last year
- ☆56Updated 2 years ago
- ☆51Updated 5 years ago
- ☆82Updated 3 years ago
- An example of how to spawn a process with a spoofed parent PID (Visual C++)☆27Updated 6 years ago
- Simple windows rpc server for research purposes only☆82Updated 2 years ago
- CobaltStrike BOF - Inject ETW Bypass into Remote Process via Syscalls (HellsGate|HalosGate)☆32Updated 3 years ago
- DInvisibleRegistry☆82Updated 4 years ago
- Exploring in-memory execution of .NET☆137Updated 3 years ago
- ☆62Updated 3 years ago
- my learning case about windows☆21Updated 3 years ago
- ☆164Updated 3 years ago
- ☆70Updated 2 months ago
- HookDetection☆46Updated 3 years ago
- Upsilon execute shellcode with syscalls - no API like NtProtectVirtualMemory is used☆93Updated 3 years ago
- A simple dumper as FreshyCalls' PoC. That's what's trendy, isn't it? ¯\_(ツ)_/¯☆40Updated 4 years ago
- It stinks☆102Updated 3 years ago
- ☆40Updated 3 years ago
- Overwrite a process's recovery callback and execute with WER☆103Updated 3 years ago
- Source code for HppDLL - local password dumping using MsvpPasswordValidate hooks☆4Updated 4 years ago
- Cobalt Strike BOF Files with Nim!☆84Updated 2 years ago
- Unhooks Bit Defender from NTDLL and KERNELBASE using a classic technique.☆54Updated last year
- CVE-2020-1048 bypass: binary planting PoC☆32Updated 4 years ago
- Weaponizing for Arbitrary Files/Directories Delete bugs to Get NT AUTHORITY\SYSTEM☆123Updated 4 years ago