WindowsCodeCamp / append_signed_pe
Append custom data to signed pe file and DONOT DESTROY SIGNED STATUS.
☆24Updated 3 years ago
Related projects: ⓘ
- ☆22Updated last year
- c++ implementation of windows heavens gate☆54Updated 3 years ago
- NO WriteProcessMemory CreateRemoteThread APIs call shellcode injection☆27Updated 4 years ago
- Call NtCreateUserProcess directly as normal.☆64Updated 2 years ago
- A kernel mode Windows rootkit in development.☆49Updated 2 years ago
- Inject unsigned DLL into Protected Process Light (PPL)☆12Updated last year
- Bypass UAC at any level by abusing the Task Scheduler and environment variables☆26Updated 3 years ago
- ☆15Updated 3 years ago
- APC DLL Injector with NtQueueApcThread and wake up thread support☆44Updated 7 years ago
- Kill Protected Process Light Process (include av)☆55Updated last year
- POC of PPID spoofing using NtCreateUserProcess with syscalls to create a suspended process and performing process injection by overwritti…☆38Updated 2 years ago
- Bypass UAC by abusing the Security Center CPL and hijacking a shell protocol handler☆26Updated 3 years ago
- A compact tool for detecting AV/EDR hooks in default Windows libraries.☆29Updated 2 years ago
- Tiny driver patch to allow kernel callbacks to work on Win10 21h1☆31Updated 2 years ago
- ☆26Updated 7 years ago
- Process Hollowing POC in CPP☆14Updated 3 years ago
- Inject shellcode to process using Windows NTAPI for bypassing EDRs and Antiviruses☆40Updated 3 years ago
- 编译时混淆字符串,以确保生成的二进制PE不会暴漏明文字符串。(C++ 14 及以上)☆23Updated 2 years ago
- ☆96Updated 2 years ago
- ☆10Updated this week
- x86/x64 dll injector☆28Updated 2 years ago
- Windows API Call Obfuscation☆86Updated last year
- ☆14Updated this week
- Record & prevent file deletion in kernel mode☆39Updated 4 years ago
- Dll injection through code page id modification in registry. Based on jonas lykk research☆116Updated last year
- Convert PE files to a shellcode☆73Updated 4 years ago
- Hooking Shadow and normal SSDT with Kaspersky Hypervisor and abusing alignment☆21Updated 3 years ago
- ☆37Updated last year
- Bypass UAC by abusing the Internet Explorer Add-on installer☆50Updated 3 years ago
- Weaponizing Gigabyte driver for priv escalation and bypass PPL☆68Updated 5 years ago