Custom GetProcAddress, GetModuleHandleA and some dbghelp.dll functions
☆86Feb 13, 2019Updated 7 years ago
Alternatives and similar repositories for Custom-GetProcAddress-and-GetModuleHandle-and-more
Users that are interested in Custom-GetProcAddress-and-GetModuleHandle-and-more are comparing it to the libraries listed below
Sorting:
- Recreation of GetProcAddress without external dependencies on Windows Libraries☆91Jan 22, 2016Updated 10 years ago
- Loads .NET Assembly Via CLR Loader☆17Mar 6, 2019Updated 6 years ago
- Create a C++ PE which loads an XTEA-crypted .NET PE shellcode in memory.☆17Sep 29, 2018Updated 7 years ago
- ☣️ Necro Stealer + Web Panel☆10May 2, 2020Updated 5 years ago
- Скрытие Win API☆27Aug 14, 2019Updated 6 years ago
- Enable SEH support for manual mapped x86-32bit PEs☆69Mar 18, 2019Updated 6 years ago
- DarkRats Standalone HVNC☆25May 20, 2022Updated 3 years ago
- A reflexive driver loader to bypass Windows DSE (featuring a custom PE loader)☆44Sep 1, 2018Updated 7 years ago
- Headers for linking your software with ntdll.dll☆15Nov 4, 2020Updated 5 years ago
- ksc4cpp is a shellcode framework for windows kernel based on C++☆22Feb 10, 2023Updated 3 years ago
- Interprocess communication via a covert timing channel☆26Oct 24, 2025Updated 4 months ago
- A quick tool for hiding a new process running shellcode.☆57Jun 10, 2020Updated 5 years ago
- ☆42Aug 10, 2019Updated 6 years ago
- Get your data from the resource section manually, with no need for windows apis☆67Oct 22, 2024Updated last year
- Mapping your code on a 0x1000 size page☆71May 20, 2022Updated 3 years ago
- C# DCOM Execution☆17Aug 4, 2019Updated 6 years ago
- Analysing and defeating PatchGuard universally☆36Nov 4, 2020Updated 5 years ago
- Hardened Proof of Concept of D/Invoke Process Injection malware☆42Jul 23, 2020Updated 5 years ago
- Executing a .NET Assembly from C++ in Memory (CLR Hosting)☆201Nov 12, 2016Updated 9 years ago
- Thawne is a Sentinel for your Program. A trojan that Reinfects systems. It installs itself on the system it's Executed on. After which Th…☆10Oct 13, 2020Updated 5 years ago
- The evolution of NxRansomware☆11Jun 14, 2019Updated 6 years ago
- idk man this was the default github name☆35Apr 23, 2023Updated 2 years ago
- Example of hijacking system calls via function pointer tables☆31Jun 26, 2021Updated 4 years ago
- ☆274Jan 14, 2023Updated 3 years ago
- A PoC for adding NtContinue to CFG allowed list in order to make Ekko work in a CFG protected process☆115Aug 29, 2022Updated 3 years ago
- miscellaneous scripts and programs☆277Jan 23, 2025Updated last year
- Some interesting code☆18Jan 16, 2015Updated 11 years ago
- PoC to demonstrate how CLR ETW events can be tampered.☆192Mar 26, 2020Updated 5 years ago
- Win32 PE Anti-RE and Anti-debugging Framework☆13May 14, 2019Updated 6 years ago
- PoC capable of detecting manual syscalls from usermode.☆206Nov 13, 2025Updated 3 months ago
- CVE-2019-1064 Local Privilege Escalation Vulnerability☆11Jun 12, 2019Updated 6 years ago
- A proof of concept of real custom GetProcAddress and GetModuleBaseAddress☆21Jul 9, 2022Updated 3 years ago
- This repo goes with the blog entry at blog.malicious.group entitled "Writing your own RDI / sRDI loader using C and ASM".☆87Apr 11, 2023Updated 2 years ago
- Demos and presentation from SECArmy Village Grayhat 2020☆37Mar 15, 2023Updated 2 years ago
- An attempt to make a LoadLibrary designed for offensive operations, in C# obviously.☆55Mar 3, 2022Updated 4 years ago
- Inline syscalls made easy for windows on clang☆736Jun 21, 2024Updated last year
- x64 syscall caller in C++.☆93Jun 23, 2018Updated 7 years ago
- KaynLdr is a Reflective Loader written in C/ASM☆555Dec 3, 2023Updated 2 years ago
- Interceptor is a kernel driver focused on tampering with EDR/AV solutions in kernel space☆136Jan 2, 2023Updated 3 years ago