SweetIceLolly / Prevent_File_Deletion

Related projects ⓘ

Alternatives and complementary repositories for Prevent_File_Deletion

• 0mWindyBug / MinifilterHook
  silence file system monitoring components by hooking their minifilters
  ☆51Updated 9 months ago
• je5442804 / CreateProcessInternalW-Full
  Reimplement CreateProcessInternalW via Windows 10 20H1+/Windows 11 Base on NtCreateUserProcess-Post
  ☆47Updated 2 months ago
• ch3rn0byl / CVE-2021-21551
  ☆25Updated 3 years ago
• stdhu / windows-kernel-pagehook
  windows kernel pagehook
  ☆37Updated 2 years ago
• bb107 / RtlWow64
  c++ implementation of windows heavens gate
  ☆55Updated 3 years ago
• hid3rx / GhostWriting
  ☆22Updated last year
• worawit / malk
  Demonstrate calling a kernel function and handle process creation callback against HVCI
  ☆48Updated last year
• he4rtbleed / PPLL
  Protected Process Light Library
  ☆18Updated 4 years ago
• st4ckh0und / hook-buster
  A compact tool for detecting AV/EDR hooks in default Windows libraries.
  ☆29Updated 2 years ago
• hMihaiDavid / addscn
  Add an empty section to a PE file
  ☆49Updated 7 years ago
• Flawww / ObfuscatedJumpGenerator
  Dynamically generated obfuscated jumps and/or function calls
  ☆33Updated last year
• idiotc4t / Mapping-injection
  NO WriteProcessMemory CreateRemoteThread APIs call shellcode injection
  ☆28Updated 4 years ago
• AzAgarampur / byeintegrity3-uac
  Bypass UAC by abusing the Security Center CPL and hijacking a shell protocol handler
  ☆26Updated 3 years ago
• m417z / LdrDllNotificationHook
  Hook all callbacks which are registered with LdrRegisterDllNotification
  ☆81Updated last year
• Lima-X / Win32.Nebula
  A packed & protected Module Loader and more, for 64-bit Windows
  ☆28Updated 3 years ago
• aaaddress1 / wow64Jit
  Call 32bit NtDLL API directly from WoW64 Layer
  ☆60Updated 3 years ago
• SHA-MRIZ / FsMinfilterHooking
  ☆29Updated 3 years ago
• whitephone / Windows-Rootkits
  ☆26Updated 7 years ago
• 0mWindyBug / WFPCalloutReserach
  research revolving the windows filtering platform callout mechanism
  ☆20Updated 5 months ago
• Rhydon1337 / windows-kernel-process-protector
  Protect a process from code injection, termination and hooking
  ☆37Updated 3 years ago
• uvbs / NT-APC-Injector
  APC DLL Injector with NtQueueApcThread and wake up thread support
  ☆44Updated 7 years ago
• Rhydon1337 / windows-kernel-file-delete
  Force a file delete using a windows kernel driver
  ☆60Updated 2 years ago
• zodiacon / DbgPrint
  Debug Print viewer (user and kernel)
  ☆63Updated 9 months ago
• SamLarenN / PePacker
  Simple PE Packer Which Encrypts .text Section
  ☆49Updated 7 years ago
• bytesundso / SneakCalls
  direct systemcalls with a modern c++20 interface.
  ☆41Updated last year
• ntoskrnl7 / ldk
  Load Dll into Kernel space
  ☆38Updated 2 years ago
• ivkin25 / Process-Hollowing
  An implementation of the Process Hollowing technique.
  ☆16Updated 3 years ago
• jnastarot / cleancall
  Library for using direct system calls
  ☆35Updated 4 years ago
• Lima-X / XOrCryptEx
  XOrCryptEx lightweight C Utility/Algorithm
  ☆11Updated 2 years ago