SweetIceLolly / Prevent_File_Deletion
Record & prevent file deletion in kernel mode
☆40Updated 4 years ago
Related projects ⓘ
Alternatives and complementary repositories for Prevent_File_Deletion
- silence file system monitoring components by hooking their minifilters☆51Updated 9 months ago
- Reimplement CreateProcessInternalW via Windows 10 20H1+/Windows 11 Base on NtCreateUserProcess-Post☆47Updated 2 months ago
- ☆25Updated 3 years ago
- windows kernel pagehook☆37Updated 2 years ago
- c++ implementation of windows heavens gate☆55Updated 3 years ago
- ☆22Updated last year
- Demonstrate calling a kernel function and handle process creation callback against HVCI☆48Updated last year
- Protected Process Light Library☆18Updated 4 years ago
- A compact tool for detecting AV/EDR hooks in default Windows libraries.☆29Updated 2 years ago
- Add an empty section to a PE file☆49Updated 7 years ago
- Dynamically generated obfuscated jumps and/or function calls☆33Updated last year
- NO WriteProcessMemory CreateRemoteThread APIs call shellcode injection☆28Updated 4 years ago
- Bypass UAC by abusing the Security Center CPL and hijacking a shell protocol handler☆26Updated 3 years ago
- Hook all callbacks which are registered with LdrRegisterDllNotification☆81Updated last year
- A packed & protected Module Loader and more, for 64-bit Windows☆28Updated 3 years ago
- Call 32bit NtDLL API directly from WoW64 Layer☆60Updated 3 years ago
- ☆29Updated 3 years ago
- ☆26Updated 7 years ago
- research revolving the windows filtering platform callout mechanism☆20Updated 5 months ago
- Protect a process from code injection, termination and hooking☆37Updated 3 years ago
- APC DLL Injector with NtQueueApcThread and wake up thread support☆44Updated 7 years ago
- Force a file delete using a windows kernel driver☆60Updated 2 years ago
- Debug Print viewer (user and kernel)☆63Updated 9 months ago
- Simple PE Packer Which Encrypts .text Section☆49Updated 7 years ago
- direct systemcalls with a modern c++20 interface.☆41Updated last year
- Load Dll into Kernel space☆38Updated 2 years ago
- An implementation of the Process Hollowing technique.☆16Updated 3 years ago
- Library for using direct system calls☆35Updated 4 years ago
- XOrCryptEx lightweight C Utility/Algorithm☆11Updated 2 years ago