S12cybersecurity / AntiVM
C++ class with various techniques to detect execution in a virtualized environment
☆12 Updated 10 months ago
Alternatives and similar repositories for AntiVM:
Users that are interested in AntiVM are comparing it to the libraries listed below
- Perform Thread Hijacking Shellcode Injection without OpenProcess and OpenThread mapping all the free handles in memory ☆12 Updated 8 months ago
- My Own VirtualAlloc Implementation to use as alternative unknown for all the defense solutions of VirtualAlloc Win32 API Function ☆8 Updated last year
- PDF Icon File Type Spoofer ☆14 Updated 8 months ago
- Compile-Time Calls Obfuscator for C++14+ ☆42 Updated last year
- PoC for the Untrusted Pointer Dereference in the appid.sys driver ☆16 Updated 11 months ago
- Spoof the return address of any function call. ☆9 Updated 8 months ago
- C/C++ Ransomware example using RSA and AES-128 with BCrypt library on Windows ☆16 Updated 2 years ago
- User Mode Windows Rootkit ☆57 Updated last year
- Change hash for a signed PE ☆16 Updated last year
- 🗡️ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python ☆44 Updated last year
- Collection of Win32 with C++/Assembly for Hooking, Patch and Reversing PE file ☆12 Updated 2 years ago
- Using the GPU to hide your payload ☆56 Updated 2 years ago
- havoc kaine plugin to mitigate PAGE_GUARD protected image headers using JOP gadgets ☆26 Updated 7 months ago
- POC Ring3 Windows Rootkit (x86 / x64) - Hide processes and files ☆56 Updated last year
- Allows you to find the use of ScyllaHide, if your program will debug and restore hooking functions bytes. ☆25 Updated 5 years ago
- A manual PE mapping implementation, aka reflective loader ☆18 Updated 2 years ago
- This program is used to perform reflective DLL Injection to a remote process specified by the user. ☆65 Updated last year
- Header only library for obfuscation import winapi functions. ☆40 Updated last month
- Research into removing strings & API call references at compile-time (Anti-Analysis) ☆25 Updated 9 months ago
- A windows kernel mode driver that spoofs serial numbers when mapped and executes a malicious payload (FULLY from kernel!!!) ☆32 Updated 5 months ago
- Cross-platform tool for injecting shellcode into .exe and .dll binaries (x86 and x64) ☆58 Updated 10 months ago
- Overwrite MBR and add own custom message ☆16 Updated 5 years ago
- Classic Process Injection with Memory Evasion Techniques implementation ☆68 Updated last year
- Example of C# heap injector for x64 and x86 shellcodes ☆13 Updated 2 years ago
- user-mode Rootkit ☆104 Updated 2 years ago
- Simple C++ Reverse Shell ☆10 Updated 2 years ago
- Fud Runpe Av Evasion / All Av Bypass ☆32 Updated 2 years ago
- Listing UDP connections with remote address without sniffing. ☆30 Updated last year
- Using C++23 compile-time magic to produce obfuscated PIC strings and arrays. ☆19 Updated 9 months ago
- Mockingjay Process Injection Vulnerable DLL Finder ☆19 Updated last year