XShar / Windows_Kernel_Programming
Windows Kernel Programming (overview translation of the book)
☆57Updated 4 years ago
Alternatives and similar repositories for Windows_Kernel_Programming:
Users that are interested in Windows_Kernel_Programming are comparing it to the libraries listed below
- Rootkit & Anti-rootkit☆39Updated last year
- An example of how x64 kernel shellcode can dynamically find and use APIs☆104Updated 4 years ago
- Hiding a string from debuggers and decompilers☆50Updated 5 years ago
- This utility allows you to lock every available memory region of an arbitrary process into its working set.☆67Updated last year
- Obfuscate calls to imports by patching in stubs☆67Updated 3 years ago
- LSASS INJECTOR☆35Updated 6 years ago
- Hiding Win API☆24Updated 5 years ago
- Retrieve pointers to undocumented kernel functions and offsets to members within undocumented structures to use in your driver by using t…☆53Updated 5 years ago
- fix vmprotect import function used unicorn-engine.☆92Updated last year
- Hooking the GDT - Installing a Call Gate. POC for Rootkit Arsenal Book Second Edition (version 2022)☆70Updated last year
- ☆58Updated 2 years ago
- arbitrary kernel read/write in dbutil_2_3.sys, Proof of Concept Local Privilege Escalation to nt authority/system☆54Updated 3 years ago
- x64 syscall caller in C++.☆86Updated 6 years ago
- A reflexive driver loader to bypass Windows DSE (featuring a custom PE loader)☆41Updated 6 years ago
- PoC for hiding PE exports☆66Updated 4 years ago
- win10 pgContext dynamic dump (btc version)☆104Updated 5 years ago
- A quick-and-dirty anti-hook library proof of concept.☆103Updated 6 years ago
- vdk is a set of utilities used to help with exploitation of a vulnerable driver.☆39Updated 2 years ago
- virtualization obfuscator inspired by juhajong/vm-obfuscator☆57Updated 5 years ago
- using gpuz to load driver☆33Updated 5 years ago
- NINA: No Injection, No Allocation x64 Process Injection Technique☆195Updated 4 years ago
- Takes a Windbg dumped structure (using the 'dt' command) and formats it into a C structure☆35Updated 7 months ago
- An extended proof-of-concept for the CVE-2021-21551 Dell ‘dbutil_2_3.sys’ Kernel Exploit☆24Updated 3 years ago
- obfacros - a set of C++ macros that can be used to obfuscate your c/c++ code, to make executables harder for reverse-engineering.☆46Updated 5 years ago
- direct systemcalls with a modern c++20 interface.☆42Updated 2 years ago
- Using SetWindowHookEx for preinjected DLL's☆58Updated 2 years ago
- File system minifilter driver for Windows to block symbolic link attacks.☆51Updated 4 years ago
- Allows you to find the use of ScyllaHide, if your program will debug and restore hooking functions bytes.☆24Updated 5 years ago
- Bypassing code hooks detection in modern anti-rootkits via building faked PTE entries.☆74Updated 14 years ago
- Hiding processes and files in user mode☆20Updated 5 years ago