ZeroMemoryEx / KasperskyHook

Related projects ⓘ

Alternatives and complementary repositories for KasperskyHook

• ZeroMemoryEx / Thread-Hijacking
  Thread Execution Hijacking technique
  ☆34Updated 2 years ago
• ZeroMemoryEx / WDropper
  C++ PowerShell dropper
  ☆21Updated 2 years ago
• ZeroMemoryEx / TrampHook
  x86 Trampoline Hook
  ☆37Updated 2 years ago
• ZeroMemoryEx / Hooks_Hunter
  Detect API Hooks
  ☆68Updated 2 years ago
• NUL0x4C / RecycleBinPersistence
  using the Recycle Bin to insure persistence
  ☆11Updated 2 years ago
• cocomelonc / 2022-01-14-malware-injection-13
  Code injection via ZwCreateSection, ZwUnmapViewOfSection. C++ example
  ☆17Updated 2 years ago
• 0x00Jeff / ElfFileInfecters
  a collection of elf file infectors
  ☆27Updated 3 years ago
• Idov31 / UdpInspector
  Listing UDP connections with remote address without sniffing.
  ☆30Updated last year
• Lima-X / XOrCryptEx
  XOrCryptEx lightweight C Utility/Algorithm
  ☆11Updated 2 years ago
• SaadAhla / BlockNonMSModules
  Set the process mitigation policy for loading only Microsoft Modules , and block any userland 3rd party modules
  ☆42Updated last year
• hid3rx / GhostWriting
  ☆22Updated last year
• samshine / ScyllaHideDetector2
  Allows you to find the use of ScyllaHide, if your program will debug and restore hooking functions bytes.
  ☆23Updated 5 years ago
• benheise / bootkit
  UEFI bootkit: Hardware Implant. In-Progress
  ☆11Updated 2 years ago
• 0mWindyBug / MinifilterHook
  silence file system monitoring components by hooking their minifilters
  ☆51Updated 9 months ago
• PaulNorman01 / Dynamizer
  Reduce Dynamic Analysis Detection Rates With Built-In Unhooker, Anti Analysis Techniques, And String Obfuscator Modules.
  ☆18Updated last year
• buzzer-re / BulletTrain
  A manual PE mapping implementation, aka reflective loader
  ☆17Updated 2 years ago
• MahmoudZohdy / Anti-Analysis-DebuggerInjection
  Anti-Analysis technique, trick the debugger by Hiding events from it.
  ☆18Updated 3 years ago
• alfarom256 / UserVAtoPhysical
  Walks the Process' VAD list to grab the PTE's corresponding to a usermode virtual address, all to get the physical address
  ☆24Updated 2 years ago
• Narumiii / phantommap
  Phantom DLL Hollowing method implemented in modmap
  ☆17Updated 3 years ago
• cocomelonc / 2022-05-02-malware-pers-3
  Malware persistence via COM DLL hijacking. C++ implementation example
  ☆13Updated 2 years ago
• Jasper1467 / WindowsDefender_Rebuild
  An attempt at reversing WindowsDefender
  ☆20Updated last month
• ZeroMemoryEx / URootkit
  user-mode Rootkit
  ☆98Updated 2 years ago
• ioncodes / pooldump
  ☆29Updated 2 years ago
• ryan-weil / Code-Cave
  Injects position-dependent code into a code cave in an executable file, and applies relocations.
  ☆19Updated last year
• veil-ivy / kapc_injector
  kernel to user mode APC injector
  ☆43Updated 2 years ago
• kkent030315 / anyelevate
  x64 Windows privilege elevation using anycall
  ☆20Updated 3 years ago