aaaddress1 / ntkrnlProtectScanLinks
One Click Tool to Scan All the Enabled Protection of current Windows NT Kernel
☆43Updated last year
Alternatives and similar repositories for ntkrnlProtectScan
Users that are interested in ntkrnlProtectScan are comparing it to the libraries listed below
Sorting:
- ☆31Updated last year
- Windows AppLocker Driver (appid.sys) LPE☆62Updated 10 months ago
- Simple PoC to locate hooked functions by EDR in ntdll.dll☆36Updated last year
- A class to emulate the behavior of NtQuerySystemInformation when passed the SystemHypervisorDetailInformation information class☆26Updated last year
- Windows 10 DLL Injector via Driver utilizing VAD and hiding the loaded driver☆50Updated last year
- yet another sleep encryption thing. also used the default github repo name for this one.☆69Updated 2 years ago
- Your NTDLL vaccine from modern direct syscall methods.☆35Updated 3 years ago
- Reports on Driver, LSASS and other security services mitigations☆16Updated 2 months ago
- API Hammering with C++20☆46Updated 2 years ago
- NailaoLoader: Hiding Execution Flow via Patching☆21Updated 3 months ago
- ☆30Updated 6 months ago
- Section-based payload obfuscation technique for x64☆61Updated 10 months ago
- the Open Source and Pure C++ Packer for eXecutables☆21Updated 2 years ago
- LPE exploit for CVE-2023-36802☆22Updated last year
- Proof of Concept example for abusing Process Hacker 2 (v2.39.124)☆22Updated 7 months ago
- miscellaneous codes☆35Updated last year
- Set the process mitigation policy for loading only Microsoft Modules , and block any userland 3rd party modules☆42Updated 2 years ago
- EvtPsst☆55Updated last year
- Classic Process Injection with Memory Evasion Techniques implemantation☆70Updated last year
- ☆86Updated 10 months ago
- A (quite) simple steganography algorithm to hide shellcodes within bitmap image.☆21Updated last year
- Process Ghosting is a technique in which a process is created from a delete pending file. This means the created process is not backed by…☆14Updated last year
- Reimplementation of the KExecDD DSE bypass technique.☆49Updated 9 months ago
- Research into removing strings & API call references at compile-time (Anti-Analysis)☆27Updated last year
- DLL Unlinking from InLoadOrderModuleList, InMemoryOrderModuleList, InInitializationOrderModuleList, and LdrpHashTable☆57Updated last year
- ☆48Updated 3 months ago
- This project is an EDRSandblast fork, adding some features and custom pieces of code.☆23Updated last year
- Simple ETW unhook PoC. Overwrites NtTraceEvent opcode to disable ETW at Nt-function level.☆47Updated last year
- ☆37Updated 2 years ago
- ☆21Updated last year