SanseoLab / simpleAVdriver
Simple AntiVirus Driver example
☆37 · Updated 6 years ago
Related projects:
- PoC for detecting and dumping process hollowing code injection ☆50 · Updated 5 years ago
- Retrieve pointers to undocumented kernel functions and offsets to members within undocumented structures to use in your driver by using t… ☆52 · Updated 5 years ago
- A tool to help malware analysts tell that the sample is injecting code into another process. ☆73 · Updated 9 years ago
- Windows Simple Process Logger implemented as driver ☆18 · Updated 6 years ago
- PoC for detecting and dumping code injection (built and extended on UnRunPE) ☆54 · Updated 5 years ago
- A simple rootkit to hide a process ☆44 · Updated 10 years ago
- This is a simple driver with x64 inline assembly ☆52 · Updated 4 years ago
- exploit termdd.sys (support kb4499175) ☆58 · Updated 5 years ago
- Exploring Windows Internals. ☆58 · Updated 4 years ago
- Kernel-Mode rootkit that connects to a remote server to send & recv commands ☆31 · Updated 6 years ago
- x86/x64 dll injector ☆28 · Updated 2 years ago
- Call 32bit NtDLL API directly from WoW64 Layer ☆59 · Updated 3 years ago
- A command line tool to load and unload a device driver. ☆42 · Updated 7 years ago
- A minifilter driver that preserves all modified and deleted files. ☆77 · Updated 9 years ago
- Load and unload a DLL into a remote process without using WriteProcessMemory ;) ☆16 · Updated 10 years ago
- Protects deletion of files with a specified extension using a kernel-mode driver. ☆73 · Updated 6 years ago
- Big Cousin's Syscall-Monitor ☆33 · Updated 5 years ago
- c++ implementation of windows heavens gate ☆54 · Updated 3 years ago
- win32/x64 obfuscate framework ☆32 · Updated 5 years ago
- PoC executable packer using resources ☆31 · Updated 7 years ago
- PoC designed to evade userland-hooking anti-virus. ☆85 · Updated 5 years ago
- File system minifilter driver for Windows to block symbolic link attacks. ☆51 · Updated 3 years ago
- Windows Console Monitor ☆32 · Updated 5 years ago
- Windows anti-rootkit library ☆37 · Updated 9 years ago
- Bypassing code hooks detection in modern anti-rootkits via building faked PTE entries. ☆72 · Updated 13 years ago