TalBlum / Anti-DisassemblyLinks
A collection of anti disassembly techniques
☆19Updated 8 years ago
Alternatives and similar repositories for Anti-Disassembly
Users that are interested in Anti-Disassembly are comparing it to the libraries listed below
Sorting:
- ☆16Updated 5 years ago
- A demo implementation of a well-known technique used by some malware to evade userland hooking, using my library: libpeconv.☆19Updated 7 years ago
- User-mode part of Zerokit platform☆22Updated 6 years ago
- Windows 10 UAC bypass PoC using LaunchInfSection☆34Updated 7 years ago
- exploit termdd.sys(support kb4499175)☆59Updated 6 years ago
- Currently proof-of-concept☆17Updated 3 years ago
- A simple tool to view important DLL Characteristics and change DEP and ASLR☆44Updated 6 years ago
- Exploits pack for the Windows Kernel mode driver HackSysExtremeVulnerableDriver written for educational purposes.☆66Updated 3 years ago
- ☆20Updated 6 years ago
- PoC for detecting and dumping process hollowing code injection☆51Updated 6 years ago
- The project was upgraded from https://coder.pub/ and supported VS2017. The original author wrote the detailed design ideas documentation…☆19Updated 7 years ago
- Windows x64 Process Scanner to detect application compatability shims☆37Updated 6 years ago
- Simple PE packer with RtlCompressBuffer☆21Updated 9 years ago
- User-mode hook bypassing method☆33Updated 8 years ago
- Kernel mode windows NT API logger☆22Updated 5 years ago
- A wrapper for capstone for bearparser☆14Updated 2 years ago
- Parser for a custom executable formats from Hidden Bee and Rhadamanthys malware☆52Updated this week
- drvtriks kernel driver for Windows 7 SP1 and 8.1 x64, that tricks around in your system.☆33Updated 7 years ago
- Resources from my journey into Windows binary exploitation☆23Updated 6 years ago
- An API Monitor based on Instrumentation☆43Updated 7 years ago
- Modify data structures in the Windows kernel, hiding processes by PID☆15Updated 7 years ago
- Simple remote administration tool. Written in c++ and MASM.☆18Updated 7 years ago
- Code injection via delay load libraries☆35Updated 7 years ago
- Bypass for the hardening against usage of tagWnd as a kernel read/write primitive☆29Updated 8 years ago
- findLoop - find possible encryption/decryption or compression/decompression code☆26Updated 6 years ago
- ☆47Updated 5 years ago
- Exploits I've authored☆60Updated 5 years ago
- Call 32bit NtDLL API directly from WoW64 Layer☆60Updated 4 years ago
- ☆27Updated 9 years ago
- Windows Application Loader Running *.Exe files in Memory against Scrylla☆21Updated 5 years ago