ScorchSecurity / ToastLinks
User-mode hook bypassing method
☆33Updated 9 years ago
Alternatives and similar repositories for Toast
Users that are interested in Toast are comparing it to the libraries listed below
Sorting:
- Helper utility for debugging windows PE/PE+ loader.☆52Updated 10 years ago
- Adding exceptions to Microsoft's Control Flow Guard (CFG)☆57Updated 9 years ago
- Class implementation of PowerLoader injection technique☆32Updated 8 years ago
- drvtriks kernel driver for Windows 7 SP1 and 8.1 x64, that tricks around in your system.☆33Updated 8 years ago
- ☆34Updated 8 years ago
- ☆17Updated 5 years ago
- Obtain remote process cookies by performing a brute-force attack on ntdll.RtlDecodePointer using known pointer encodings.☆22Updated 8 years ago
- Kernel mode windows NT API logger☆22Updated 6 years ago
- Bypass for the hardening against usage of tagWnd as a kernel read/write primitive☆32Updated 8 years ago
- Windows 10 UAC bypass PoC using LaunchInfSection☆35Updated 7 years ago
- Simple PE packer with RtlCompressBuffer☆21Updated 10 years ago
- The project is a demo solution for one of the anti-rootkit techniques aimed on overcoming splicers☆35Updated 8 years ago
- Reflective DLL Injection style process infector☆20Updated 7 years ago
- Takes a Windbg dumped structure (using the 'dt' command) and formats it into a C structure☆36Updated last year
- ☆19Updated 10 years ago
- A POC for Windows Extension Host hooking☆24Updated 6 years ago
- A MITM proxy server for reflective DLL injection through WinINet☆15Updated 7 years ago
- User-mode part of Zerokit platform☆22Updated 6 years ago
- A tool to help malware analysts tell that the sample is injecting code into other process.☆78Updated 10 years ago
- Try to transport the tcpip stack of ReactOS to Windows XP.☆17Updated 11 years ago
- An API Monitor based on Instrumentation☆44Updated 7 years ago
- Code injection via delay load libraries☆35Updated 8 years ago
- PoC for detecting and dumping process hollowing code injection☆52Updated 7 years ago
- PE Infector/Cryptor source code☆16Updated 8 years ago
- User-mode process cross-checking utility intended to detect naive malware hiding itself by hooking IAT/EAT.☆19Updated 9 years ago
- Kernel-mode file scanner☆18Updated 7 years ago
- Window Executable file Function tracer using Debugging API☆44Updated 6 years ago
- Windows kernel-mode callbacks tutorial driver☆47Updated 9 years ago
- DirectNtApi - simple method to make ntapi function call without importing or walking export table. Work under Windows 7, 8 and 10☆53Updated last year
- Assembly code to use for Windows kernel shellcode to edit winlogon.exe ACL☆13Updated 8 years ago