aaaddress1 / SignThiefLinks
Windows PE Signature Thief in C++
☆50Updated 4 years ago
Alternatives and similar repositories for SignThief
Users that are interested in SignThief are comparing it to the libraries listed below
Sorting:
- Windows API Call Obfuscation☆106Updated 2 years ago
- Convert PE files to a shellcode☆76Updated 5 years ago
- Load static-compiled PE from remote server.☆62Updated 3 years ago
- NO WriteProcessMemory CreateRemoteThread APIs call shellcode injection☆29Updated 5 years ago
- ZwProcessHollowing is a x64 process hollowing project which uses direct systemcalls, dll unhooking and RC4 payload decryption☆86Updated 2 years ago
- PoC: Exploit 32-bit Thread Snapshot of WOW64 to Take Over $RIP & Inject & Bypass Antivirus HIPS (HITB 2021)☆161Updated 4 years ago
- Kill Protected Process Light Process (include av)☆58Updated last year
- PoC: Rebuild A New Path Back to the Heaven's Gate (HITB 2021)☆106Updated 4 years ago
- shellcode-loaders and beacon-loaders☆64Updated last year
- HTTPS GET RAT and Memory Loader☆25Updated 2 weeks ago
- Code used in this post https://captmeelo.com/redteam/maldev/2022/04/21/kernelcallbacktable-injection.html☆127Updated 3 years ago
- An implementation of an indirect system call☆129Updated last year
- bring your own vulnerable driver☆99Updated 2 years ago
- Herpaderply Hollowing - a PE injection technique, hybrid between Process Hollowing and Process Herpaderping☆56Updated 2 years ago
- Loading Fileless Remote PE from URI to memory with argument passing and ETW patching and NTDLL unhooking and No New Thread technique☆67Updated 2 years ago
- Unhooks Bit Defender from NTDLL and KERNELBASE using a classic technique.☆54Updated 2 years ago
- Inject shellcode to process using Windows NTAPI for bypassing EDRs and Antiviruses☆41Updated 4 years ago
- ☆31Updated last year
- Standalone Metasploit-like XOR encoder for shellcode☆47Updated last year
- Fud Runpe Av Evasion / All Av Bypass☆33Updated 2 years ago
- ☆50Updated 2 years ago
- ☆200Updated 3 years ago
- User Mode Windows Rootkit☆63Updated last year
- Bypassing ETW with Csharp☆27Updated 3 years ago
- ☆166Updated 3 years ago
- It stinks☆102Updated 3 years ago
- IAT-Obfuscation to make static analysis of executable harder.☆43Updated 3 years ago
- Client/server code that impersonates TLS 1.3 to disguise C2 activity.☆69Updated 2 years ago
- DLL Hollowing PoC - Remote and Self shellcode injection☆80Updated 3 years ago
- Windows Kernel Knowledge && Collect Resources on the wire && Nothing innovation by myself &&☆56Updated last week