SweetIceLolly / Prevent_Process_Creation
Record & prevent process creation in kernel mode
☆42 Updated 3 years ago
Alternatives and similar repositories for Prevent_Process_Creation:
Users that are interested in Prevent_Process_Creation are comparing it to the libraries listed below
- Record & prevent file deletion in kernel mode ☆42 Updated 4 years ago
- An implementation of the Process Hollowing technique. ☆16 Updated 4 years ago
- ☆18 Updated 4 years ago
- ☆33 Updated 3 years ago
- Call 32bit NtDLL API directly from WoW64 Layer ☆60 Updated 4 years ago
- Protected Process Light Library ☆18 Updated 4 years ago
- Data and structures regarding the research done on WdFilter ☆12 Updated 4 years ago
- Windows Console Monitor ☆33 Updated 5 years ago
- ☆26 Updated 7 years ago
- ☆24 Updated 6 years ago
- ☆31 Updated 4 years ago
- All Nt Syscall and W32k Syscall in one asm, include, and call it! ☆57 Updated 3 years ago
- File system minifilter driver for Windows to block symbolic link attacks. ☆51 Updated 4 years ago
- Fake Timestamps of Driver Certificates while keeping validity. ☆17 Updated 3 years ago
- Library for using direct system calls ☆35 Updated 2 months ago
- Bypass UAC by abusing the Security Center CPL and hijacking a shell protocol handler ☆28 Updated 3 years ago
- Yet another Windows DLL injector. ☆38 Updated 3 years ago
- Detects if a Kernel mode debugger is active by reading the value of KUSER_SHARED_DATA.KdDebuggerEnabled. It is a high level and portable … ☆23 Updated 7 years ago
- Simple library to handle PE files loading, relocating, get/set data, ..., in addition to process handling ☆32 Updated 5 years ago
- Static Library For Windows Drivers ☆33 Updated last month
- Walks the Process' VAD list to grab the PTE's corresponding to a usermode virtual address, all to get the physical address ☆24 Updated 3 years ago
- c++ implementation of windows heavens gate ☆68 Updated 4 years ago
- Shh0ya Kernel Hook Driver ☆21 Updated 4 years ago
- A packed & protected Module Loader and more, for 64-bit Windows ☆29 Updated 4 years ago
- Example of hijacking system calls via function pointer tables ☆32 Updated 3 years ago
- windows kernel pagehook ☆39 Updated 2 years ago
- ☆26 Updated 3 years ago
- win32/x64 obfuscate framework ☆32 Updated 5 years ago
- Load Dll into Kernel space ☆38 Updated 2 years ago
- A ready-made template for a project based on libpeconv. ☆46 Updated last month