UserExistsError / DllLoaderShellcode
Shellcode to load an appended Dll
☆89Updated 4 years ago
Related projects ⓘ
Alternatives and complementary repositories for DllLoaderShellcode
- Convert PE files to a shellcode☆73Updated 4 years ago
- Weaponizing Gigabyte driver for priv escalation and bypass PPL☆68Updated 5 years ago
- Process Doppelgänging☆154Updated 6 years ago
- An example of how x64 kernel shellcode can dynamically find and use APIs☆103Updated 4 years ago
- A PoC designed to bypass all usermode hooks in a WoW64 environment.☆148Updated 4 years ago
- Position-idependent Windows DLL loader based on ReflectiveDLL project.☆91Updated 6 years ago
- Small tool to load shellcodes or PEs to analyze them☆80Updated 6 years ago
- PoC: Rebuild A New Path Back to the Heaven's Gate (HITB 2021)☆101Updated 3 years ago
- Reverse engineered source code of the autochk rootkit☆196Updated 5 years ago
- APC DLL Injector with NtQueueApcThread and wake up thread support☆44Updated 7 years ago
- Reflective PE loader for DLL injection☆167Updated 7 years ago
- Windows API Call Obfuscation☆86Updated last year
- PoC: Exploit 32-bit Thread Snapshot of WOW64 to Take Over $RIP & Inject & Bypass Antivirus HIPS (HITB 2021)☆160Updated 3 years ago
- Some source code to demonstrate avoiding certain direct syscall detections by locating and JMPing to a legitimate syscall instruction wit…☆212Updated last year
- PoC capable of detecting manual syscalls from usermode.☆182Updated 3 years ago
- Bypass UAC by abusing the Security Center CPL and hijacking a shell protocol handler☆26Updated 3 years ago
- Assembly block for hooking windows API functions.☆81Updated 5 years ago
- Use NT Native Registry API to create a registry that normal user can not query.☆53Updated 6 years ago
- Windows PE - TLS (Thread Local Storage) Injector in C/C++☆103Updated 3 years ago
- Local privilege escalation PoC exploit for CVE-2019-16098☆191Updated 5 years ago
- Example code for EDR bypassing☆146Updated 5 years ago
- A modified RunPE (process hollowing) technique avoiding the usage of SetThreadContext by appending a TLS section which calls the original…☆92Updated 5 years ago
- Inject unsigned DLL into Protected Process Light (PPL)☆13Updated last year
- Windows API Hashes used in the malwares☆38Updated 9 years ago
- May the POC be with you☆50Updated 2 months ago
- PoC for detecting and dumping code injection (built and extended on UnRunPE)☆54Updated 6 years ago
- HTTPS GET RAT and Memory Loader☆25Updated 2 years ago
- NO WriteProcessMemory CreateRemoteThread APIs call shellcode injection☆28Updated 4 years ago
- From 32-bit process to 64-bit process☆68Updated 3 years ago
- Asynchronous Procedure Calls☆193Updated 3 years ago