UserExistsError / InjectDll
Inject a Dll from memory
☆39Updated 5 years ago
Related projects: ⓘ
- Add an empty section to a PE file☆49Updated 7 years ago
- Simple PE Packer Which Encrypts .text Section☆45Updated 7 years ago
- A quick-and-dirty anti-hook library proof of concept.☆100Updated 6 years ago
- silence file system monitoring components by hooking their minifilters☆49Updated 7 months ago
- Hide function calls to prevent reverse-engineering☆64Updated 3 years ago
- Dump system call codes, names, and offsets from Ntdll.dll☆70Updated 11 months ago
- Header only library for obfuscation import winapi functions.☆31Updated 3 years ago
- Record & prevent file deletion in kernel mode☆39Updated 4 years ago
- A library with four different methods to execute shellcode in a process☆24Updated 4 years ago
- Weaponizing Gigabyte driver for priv escalation and bypass PPL☆68Updated 5 years ago
- Dynamically generated obfuscated jumps and/or function calls☆33Updated last year
- A x64 PE Packer/Protector Developed in C++ and VisualStudio☆50Updated last year
- ☆48Updated this week
- Shellcode to load an appended Dll☆89Updated 3 years ago
- Exploit MsIo vulnerable driver☆82Updated 3 years ago
- LSASS INJECTOR☆33Updated 5 years ago
- Example Windows Kernel-mode Driver which enumerates running processes.☆51Updated 2 years ago
- Lightweight Portable Executable parsing library and a demo peParser application.☆71Updated last year
- A simple rootkit to hide a process☆44Updated 10 years ago
- Sample project that encrypts windows 32-bit executables with password☆52Updated 2 years ago
- A packed & protected Module Loader and more, for 64-bit Windows☆28Updated 3 years ago
- x64 syscall caller in C++.☆84Updated 6 years ago
- Detours implementation (x64/x86) which used only ntdll import☆85Updated 3 months ago
- Allows you to find the use of ScyllaHide, if your program will debug and restore hooking functions bytes.☆22Updated 5 years ago
- Process Hollowing demonstration & explanation☆31Updated 3 years ago
- A tool for detecting manual/direct syscalls in x86 and x64 processes using Nirvana Hooks.☆98Updated 2 years ago
- Miscellaneous Code and Docs☆76Updated 9 months ago
- ZeroImport is a lightweight and easy to use C++ library for Windows Kernel Drivers. It allows you to hide any import in your kernel drive…☆44Updated last year
- A driver to intercept low level windows events☆59Updated 4 years ago
- APC DLL Injector with NtQueueApcThread and wake up thread support☆44Updated 7 years ago