S12cybersecurity / AntiVM
C++ Class with various techniques to detect the execution in a virtualized environment
☆13 Updated last year
Alternatives and similar repositories for AntiVM
Users that are interested in AntiVM are comparing it to the libraries listed below
- Perform Thread Hijacking Shellcode Injection without OpenProcess and OpenThread mapping all the free handles in memory ☆12 Updated 10 months ago
- My Own VirtualAlloc Implementation to use as alternative unknown for all the defense solutions of VirtualAlloc Win32 API Function ☆9 Updated last year
- PDF Icon File Type Spoofer ☆15 Updated 10 months ago
- PoC for the Untrusted Pointer Dereference in the appid.sys driver ☆16 Updated last year
- C++ Privilege Escalation Class to execute Process As Admin from User and Process as NT AUTHORITY SYSTEM from Admin ☆22 Updated last year
- C/C++ Ransomware example using RSA and AES-128 with BCrypt library on Windows ☆17 Updated 2 years ago
- A manual PE mapping implementation, aka reflective loader ☆19 Updated 2 years ago
- Evilbytecode-Gate resolves Windows System Service Numbers (SSNs) using two methods: analyzing the Guard CF Table in ntdll.dll and parsing… ☆21 Updated last month
- C++ Script to list active processes with name, PID, Parent PID and User running it ☆10 Updated 2 years ago
- Overwrite MBR and add own custom message ☆17 Updated 5 years ago
- Compile-Time Calls Obfuscator for C++14+ ☆43 Updated last year
- Listing UDP connections with remote address without sniffing. ☆29 Updated last year
- Allows you to find the use of ScyllaHide, if your program will debug and restore hooking functions bytes. ☆26 Updated 5 years ago
- Using the Recycle Bin to ensure persistence ☆12 Updated 2 years ago
- Infects PE files with a shellcode ☆19 Updated 6 years ago
- An x64 binary executing code that's not inside of it. ☆16 Updated 2 years ago
- Process Hollowing demonstration & explanation ☆35 Updated 4 years ago
- Windows 10/11 unsigned kernel driver load/debugging ☆12 Updated 2 years ago
- A Windows kernel mode driver that spoofs serial numbers when mapped and executes a malicious payload (FULLY from kernel!!!) ☆31 Updated 7 months ago
- Reduce Dynamic Analysis Detection Rates With Built-In Unhooker, Anti Analysis Techniques, And String Obfuscator Modules. ☆19 Updated 2 years ago
- ☆25 Updated 7 months ago
- C++ keylogger to save all the keys pressed into a local txt file ☆11 Updated 2 years ago
- Using the GPU to hide your payload ☆58 Updated 2 years ago
- Collection of Win32 with C++/Assembly for Hooking, Patch and Reversing PE file ☆12 Updated 2 years ago
- A fast method to intercept syscalls from any user-mode process using InstrumentationCallback and detect any process using Instrumentation… ☆31 Updated last year
- PoC arbitrary WPM without a process handle ☆19 Updated last year
- Filter driver to hide files and directories ☆20 Updated last year
- Change hash for a signed PE ☆16 Updated last year
- A multi-staged malware that contains a kernel mode rootkit and a remote system shell. ☆71 Updated 4 years ago
- ☆40 Updated 3 months ago