Speedi13 / Custom-GetProcAddress-and-GetModuleHandle-and-moreLinks
Custom GetProcAddress, GetModuleHandleA and some dbghelp.dll functions
☆82Updated 6 years ago
Alternatives and similar repositories for Custom-GetProcAddress-and-GetModuleHandle-and-more
Users that are interested in Custom-GetProcAddress-and-GetModuleHandle-and-more are comparing it to the libraries listed below
Sorting:
- A simple tool to assemble shellcode ready to be copy-pasted into code☆69Updated 3 years ago
- Inline syscalls made for MSVC supporting x64 and WOW64☆183Updated 2 years ago
- Exploit MsIo vulnerable driver☆109Updated 3 years ago
- kernel to user mode APC injector☆45Updated 3 years ago
- State of the art DLL injector that took 20 minutes to make☆218Updated last year
- Demystifying PatchGuard is a comprehensive analysis of Microsoft's security feature called PatchGuard, which is designed to prevent unaut…☆127Updated 2 years ago
- Kernel LdrLoadDll injector☆262Updated 6 years ago
- Various Process Injection Techniques☆152Updated 3 years ago
- x64 Windows PatchGuard bypass, register process-creation callbacks from unsigned code☆206Updated 4 years ago
- Elevate a process to be a protected process☆151Updated 5 years ago
- Load your driver like win32k.sys☆254Updated 2 years ago
- based on https://github.com/secrary/Hooking-via-InstrumentationCallback☆71Updated 5 years ago
- Custom LoadLibrary / GetProcAddress (x86 / x64) - Load DLL and retrieve functions manually☆92Updated 2 years ago
- A quick-and-dirty anti-hook library proof of concept.☆104Updated 6 years ago
- A tool for detecting manual/direct syscalls in x86 and x64 processes using Nirvana Hooks.☆113Updated 3 years ago
- manual map unsigned driver over signed memory☆196Updated last year
- ☆184Updated 3 years ago
- Recursive and arbitrary code execution at kernel-level without a system thread creation☆158Updated 2 years ago
- ZeroImport is a lightweight and easy to use C++ library for Windows Kernel Drivers. It allows you to hide any import in your kernel drive…☆47Updated 2 years ago
- ☆155Updated last year
- CVE-2022-3699 with arbitrary kernel code execution capability☆71Updated 2 years ago
- DSE & PG bypass via BYOVD attack☆55Updated 3 weeks ago
- Compileable POC of namazso's x64 return address spoofer.☆51Updated 5 years ago
- hidden_syscall - syscaller without using syscall instruction in code☆61Updated 2 years ago
- A x64 PE Packer/Protector Developed in C++ and VisualStudio☆52Updated last year
- spoof return address☆75Updated 2 years ago
- TS-Changer - Forces the machine in/out of TestSigning Mode at runtime.☆66Updated last year
- A proof of concept demonstrating instrumentation callbacks on Windows 10 21h1 with a TLS variable to ensure all syscalls are caught.☆137Updated 3 years ago
- x86 PE Mutator☆223Updated 2 years ago
- Obfuscate calls to imports by patching in stubs☆69Updated 4 years ago