aaaddress1 / SignThief
Windows PE Signature Thief in C++
☆50Updated 4 years ago
Related projects ⓘ
Alternatives and complementary repositories for SignThief
- Convert PE files to a shellcode☆73Updated 4 years ago
- Load static-compiled PE from remote server.☆58Updated 2 years ago
- Windows API Call Obfuscation☆86Updated last year
- Abuse Xwizard.exe for DLL Side-Loading☆83Updated last year
- PoC: Exploit 32-bit Thread Snapshot of WOW64 to Take Over $RIP & Inject & Bypass Antivirus HIPS (HITB 2021)☆160Updated 3 years ago
- HTTPS GET RAT and Memory Loader☆25Updated 2 years ago
- bring your own vulnerable driver☆82Updated last year
- Windows Kernel Knowledge && Collect Resources on the wire && Nothing innovation by myself &&☆51Updated 2 months ago
- ZwProcessHollowing is a x64 process hollowing project which uses direct systemcalls, dll unhooking and RC4 payload decryption☆77Updated last year
- Kill Protected Process Light Process (include av)☆54Updated last year
- shellcode-loaders and beacon-loaders☆63Updated last year
- ☆44Updated last year
- Inject shellcode to process using Windows NTAPI for bypassing EDRs and Antiviruses☆40Updated 3 years ago
- PoC: Rebuild A New Path Back to the Heaven's Gate (HITB 2021)☆101Updated 3 years ago
- Bypass UAC by abusing the Internet Explorer Add-on installer☆50Updated 3 years ago
- IAT-Obfuscation to make static analysis of executable harder.☆41Updated 3 years ago
- An implementation of an indirect system call☆116Updated last year
- NO WriteProcessMemory CreateRemoteThread APIs call shellcode injection☆28Updated 4 years ago
- Uses Threat-Intelligence ETW events to identify shellcode regions being hidden by fluctuating memory protections☆95Updated last year
- Standalone Metasploit-like XOR encoder for shellcode☆45Updated 5 months ago
- https://key08.com/index.php/2021/10/19/1375.html☆62Updated 2 years ago
- ☆22Updated last year
- Botnet system from deep-web Russians forums. Tiny Nuke!☆88Updated 7 years ago
- Hide processes, files, services in Windows ring3☆21Updated 5 months ago
- PoC capable of detecting manual syscalls from usermode.☆182Updated 3 years ago
- Create a new thread that will suspend every thread and encrypt its stack, then going to sleep , then decrypt the stacks and resume thread…☆154Updated last year
- 简单安排一下 autochk.sys 这个rootkit☆67Updated last year
- Akame is an open-source, UD shellcode loader written in C++17.☆19Updated 4 months ago
- Process Injection via Component Object Model (COM) IRundown::DoCallback().☆53Updated last year