S12cybersecurity / AntiVM
C++ class with various techniques to detect execution in a virtualized environment
☆12 Updated 10 months ago
Alternatives and similar repositories for AntiVM:
Users that are interested in AntiVM are comparing it to the libraries listed below
- Perform Thread Hijacking Shellcode Injection without OpenProcess and OpenThread mapping all the free handles in memory ☆12 Updated 9 months ago
- My Own VirtualAlloc Implementation to use as alternative unknown for all the defense solutions of VirtualAlloc Win32 API Function ☆8 Updated last year
- A manual PE mapping implementation, aka reflective loader ☆19 Updated 2 years ago
- Compile-Time Calls Obfuscator for C++14+ ☆43 Updated last year
- PDF Icon File Type Spoofer ☆14 Updated 9 months ago
- Spoof the return address of any function call. ☆8 Updated 9 months ago
- Research into removing strings & API call references at compile-time (Anti-Analysis) ☆25 Updated 10 months ago
- Collection of Win32 with C++/Assembly for Hooking, Patch and Reversing PE file ☆12 Updated 2 years ago
- Change hash for a signed PE ☆16 Updated last year
- Safely manage the unloading of DLLs that have been hooked into a process. Context: https://github.com/KNSoft/KNSoft.SlimDetours/discussio… ☆71 Updated last week
- Header only library for obfuscation import winapi functions. ☆40 Updated 2 months ago
- Allows you to find the use of ScyllaHide, if your program will debug and restore hooking functions bytes. ☆25 Updated 5 years ago
- Overwrite MBR and add own custom message ☆17 Updated 5 years ago
- Reduce Dynamic Analysis Detection Rates With Built-In Unhooker, Anti Analysis Techniques, And String Obfuscator Modules. ☆19 Updated 2 years ago
- My POC implementation of HVNC (Hidden VNC / Hidden Desktop) ☆22 Updated 3 months ago
- Using the Recycle Bin to ensure persistence ☆12 Updated 2 years ago
- Using C++23 compile-time magic to produce obfuscated PIC strings and arrays. ☆21 Updated 10 months ago
- Havoc Kaine plugin to mitigate PAGE_GUARD protected image headers using JOP gadgets ☆27 Updated 8 months ago
- Standalone Metasploit-like XOR encoder for shellcode ☆48 Updated 11 months ago
- Using the GPU to hide your payload ☆57 Updated 2 years ago
- Simple user-mode rootkit ☆103 Updated 2 years ago
- Listing UDP connections with remote address without sniffing. ☆29 Updated last year
- PoC for the Untrusted Pointer Dereference in the appid.sys driver ☆16 Updated last year
- This exploit uses the PEB walk technique to resolve API calls dynamically, obfuscate all API calls to perform process injection. ☆17 Updated 8 months ago
- 🗡️ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python ☆44 Updated last year
- A Windows kernel mode driver that spoofs serial numbers when mapped and executes a malicious payload (FULLY from kernel!!!) ☆30 Updated 6 months ago
- C/C++ Ransomware example using RSA and AES-128 with BCrypt library on Windows ☆17 Updated 2 years ago
- ZwProcessHollowing is an x64 process hollowing project which uses direct system calls, DLL unhooking and RC4 payload decryption ☆84 Updated 2 years ago
- Example of C# heap injector for x64 and x86 shellcodes ☆14 Updated 2 years ago
- WinApi Patcher is a straightforward tool leveraging Windows API hooking to patch and modify certain behaviors in a targeted environment. ☆39 Updated 7 months ago