SweetIceLolly / Prevent_Process_CreationLinks
Record & prevent process creation in kernel mode
☆44Updated 4 years ago
Alternatives and similar repositories for Prevent_Process_Creation
Users that are interested in Prevent_Process_Creation are comparing it to the libraries listed below
Sorting:
- Record & prevent file deletion in kernel mode☆44Updated 5 years ago
- Lightweight Portable Executable parsing library and a demo peParser application.☆80Updated 2 years ago
- Call 32bit NtDLL API directly from WoW64 Layer☆60Updated 4 years ago
- Simple library to handle PE files loading, relocating, get/set data, ..., in addition to process handling☆32Updated 6 years ago
- c++ implementation of windows heavens gate☆69Updated 4 years ago
- A research project about Windows notify routines.☆37Updated 5 years ago
- Protected Process Light Library☆18Updated 5 years ago
- Static library and headers for linking your software with ntdll.dll☆36Updated 5 years ago
- A driver to intercept low level windows events☆62Updated 6 years ago
- ☆18Updated 4 years ago
- Library for using direct system calls☆36Updated 8 months ago
- vmware-backdoor☆33Updated 4 years ago
- Driver demonstrating how to register a DPC to asynchronously wait on an object☆50Updated 4 years ago
- Miscellaneous Code and Docs☆84Updated 3 months ago
- Hooking the GDT - Installing a Call Gate. POC for Rootkit Arsenal Book Second Edition (version 2022)☆73Updated 2 years ago
- Walks the Process' VAD list to grab the PTE's corresponding to a usermode virtual address, all to get the physical address☆23Updated 3 years ago
- Process Creation, Image Load and Thread Creation Notification☆13Updated 2 years ago
- Load Dll into Kernel space☆38Updated 3 years ago
- A ready-made template for a project based on libpeconv.☆50Updated 8 months ago
- Yet another Windows DLL injector.☆39Updated 3 years ago
- Standalone program to download PDB Symbol files for debugging without WDK☆78Updated 6 years ago
- XOrCryptEx lightweight C Utility/Algorithm☆11Updated 3 years ago
- A packed & protected Module Loader and more, for 64-bit Windows☆27Updated 4 years ago
- ☆32Updated 4 years ago
- Reimplement CreateProcessInternalW via Windows 10 20H1+/Windows 11 Base on NtCreateUserProcess-Post☆73Updated last year
- A kernel mode Windows rootkit in development.☆49Updated 3 years ago
- Bypass UAC by abusing the Security Center CPL and hijacking a shell protocol handler☆29Updated 4 years ago
- ☆26Updated 8 years ago
- C++ library for low-level Windows development☆80Updated last year
- ☆25Updated 4 years ago