aaaddress1 / theArkLinks
Windows x86 PE Packer In C++
☆51Updated 5 years ago
Alternatives and similar repositories for theArk
Users that are interested in theArk are comparing it to the libraries listed below
Sorting:
- ☆40Updated 9 months ago
- tool for building windows shellcode in C by MinGW☆52Updated 3 years ago
- PoC: Rebuild A New Path Back to the Heaven's Gate (HITB 2021)☆109Updated 4 years ago
- Run some secret code invisible from debugger single step.(x86 process on x64 windows only)☆25Updated 5 years ago
- simple compiler based on mingw to build uncrackable windows application against analysis tools☆63Updated 7 years ago
- ☆31Updated 2 years ago
- POC about how to prevent windbg break☆15Updated 2 years ago
- ☆61Updated 2 years ago
- PoC for DEF CON 26: Playing Malware Injection with Exploit thoughts☆25Updated 7 years ago
- Windows API Hashes used in the malwares☆42Updated 10 years ago
- PoC: Exploit 32-bit Thread Snapshot of WOW64 to Take Over $RIP & Inject & Bypass Antivirus HIPS (HITB 2021)☆166Updated 4 years ago
- arbitrary kernel read/write in dbutil_2_3.sys, Proof of Concept Local Privilege Escalation to nt authority/system☆57Updated 3 years ago
- Call 32bit NtDLL API directly from WoW64 Layer☆60Updated 4 years ago
- ☆163Updated 3 years ago
- 2021 iThome 鐵人賽☆49Updated last year
- An example of how x64 kernel shellcode can dynamically find and use APIs☆106Updated 5 years ago
- Reverse engineered source code of the autochk rootkit☆206Updated 5 years ago
- Find patterns of vulnerabilities on Windows in order to find 0-day and write exploits of 1-days. We use Microsoft security updates in ord…☆188Updated 4 years ago
- A multi-staged malware that contains a kernel mode rootkit and a remote system shell.☆73Updated 4 years ago
- Exploiting ring0 memcpy-like functionality to disable Driver Signing Enforcement (DSE)☆21Updated 5 years ago
- Local privilege escalation PoC exploit for CVE-2019-16098☆195Updated 5 years ago
- MalUnpack companion driver☆98Updated last year
- Designed to learn OS specific anti-emulation patterns by fuzzing the Windows API.☆99Updated 5 years ago
- Hooking the GDT - Installing a Call Gate. POC for Rootkit Arsenal Book Second Edition (version 2022)☆73Updated 2 years ago
- Simple project using syscalls (via Syswhispers2) to execute MessageBox shellcode.☆75Updated 3 years ago
- vulnerability in zam64.sys, zam32.sys allowing ring 0 code execution. CVE-2021-31727 and CVE-2021-31728 public reference.☆91Updated 4 years ago
- Windows Kernel Programming Experiments☆80Updated 2 years ago
- POC of a better implementation of GetProcAddress for ntdll using binary search☆109Updated last year
- IOCTLpus can be used to make DeviceIoControl requests with arbitrary inputs (with functionality somewhat similar to Burp Repeater).☆93Updated 3 years ago
- ☆51Updated 2 years ago