ZeroMemoryEx / TrampHook

Related projects ⓘ

Alternatives and complementary repositories for TrampHook

• ZeroMemoryEx / Hooks_Hunter
  Detect API Hooks
  ☆69Updated 2 years ago
• 0x00Jeff / BetterGetProcAddress
  POC of a better implementation of GetProcAddress for ntdll using binary search
  ☆94Updated 7 months ago
• ZeroMemoryEx / SleepKiller
  Bypass Malware Time Delays
  ☆97Updated 2 years ago
• Hemogl0bin / drvscanner
  Scan for potentially vulnerable drivers
  ☆80Updated 2 years ago
• realoriginal / bootdoor
  An initial proof of concept of a bootkit based on Cr4sh's DMABackdoorBoot
  ☆59Updated last year
• NtQuerySystemInformation / NlsCodeInjectionThroughRegistry
  Dll injection through code page id modification in registry. Based on jonas lykk research
  ☆117Updated last year
• rad9800 / VehApiResolve
  ☆98Updated 2 years ago
• XaFF-XaFF / ZwProcessHollowing
  ZwProcessHollowing is a x64 process hollowing project which uses direct systemcalls, dll unhooking and RC4 payload decryption
  ☆78Updated last year
• knight0x07 / BumbleCrypt
  A Bumblebee-inspired Crypter
  ☆80Updated last year
• capt-meelo / KernelCallbackTable-Injection
  Code used in this post https://captmeelo.com/redteam/maldev/2022/04/21/kernelcallbacktable-injection.html
  ☆99Updated 2 years ago
• ZeroMemoryEx / URootkit
  user-mode Rootkit
  ☆98Updated 2 years ago
• xalicex / Get-DLL-and-Function-Addresses
  GetModuleHandle (via PEB) and GetProcAddress (via EAT) like
  ☆32Updated 2 years ago
• ReCryptLLC / CVE-2022-42045
  ☆37Updated last year
• maziland / StackBombing
  Next gen process injection technique
  ☆42Updated 4 years ago
• 0x44F / WinKit
  💻 Windows 10 Kernel-mode rootkit
  ☆31Updated 2 years ago
• XaFF-XaFF / Shellcodev
  Shellcodev is a tool designed to help and automate the process of shellcode creation.
  ☆100Updated last year
• AlSch092 / HideStaticReferences
  Research into removing strings & API call references at compile-time (Anti-Analysis)
  ☆24Updated 5 months ago
• GetRektBoy724 / SyscallShuffler
  Your NTDLL vaccine from modern direct syscall methods.
  ☆35Updated 2 years ago
• Idov31 / UdpInspector
  Listing UDP connections with remote address without sniffing.
  ☆30Updated last year
• ZeroMemoryEx / Thread-Hijacking
  Thread Execution Hijacking technique
  ☆34Updated 2 years ago
• trickster0 / CReadMemory
  Read Memory without ReadProcessMemory for Current Process
  ☆74Updated 2 years ago
• Allevon412 / ReflectiveDLLInjector
  This program is used to perform reflective DLL Injection to a remote process specified by the user.
  ☆62Updated last year
• SaadAhla / BlockNonMSModules
  Set the process mitigation policy for loading only Microsoft Modules , and block any userland 3rd party modules
  ☆42Updated last year
• iilegacyyii / ExportDumper
  A small tool I made to dump the export table of PE files. The primary use case was intended for use within DLL proxying.
  ☆68Updated 2 years ago
• Offensive-Panda / C2_Elevated_Shell_DLL_Hijcking
  DLL Hijacking and Mock directories technique to bypass Windows UAC security feature and getting high-level privileged reverse shell. Secu…
  ☆37Updated 6 months ago
• PaulNorman01 / Dynamizer
  Reduce Dynamic Analysis Detection Rates With Built-In Unhooker, Anti Analysis Techniques, And String Obfuscator Modules.
  ☆18Updated last year