Call 32bit NtDLL API directly from WoW64 Layer
☆62Nov 18, 2020Updated 5 years ago
Alternatives and similar repositories for wow64Jit
Users that are interested in wow64Jit are comparing it to the libraries listed below
Sorting:
- c++ implementation of windows heavens gate☆70Feb 12, 2021Updated 5 years ago
- A simple open source memory hooking library for Windows x86/x64☆88Nov 16, 2020Updated 5 years ago
- Remote memory library in C++17.☆34May 31, 2018Updated 7 years ago
- Monitor ETW events for Windows process mitigation policies, with stack traces☆31Oct 7, 2022Updated 3 years ago
- win10 pgContext dynamic dump (btc version)☆110Jan 15, 2020Updated 6 years ago
- Code Integrity Violation Spotter☆17Jun 11, 2024Updated last year
- HTTP/HTTPS/DNS inspector (windows driver)☆27Feb 20, 2019Updated 7 years ago
- RunPE using Hell's Gate technique.☆32Dec 4, 2020Updated 5 years ago
- This is the P.O.C source for hooking the system calls on Windows 10 (1903) using it's dynamic trace feature weakness☆53Sep 12, 2019Updated 6 years ago
- Headers for linking your software with ntdll.dll☆15Nov 4, 2020Updated 5 years ago
- x64 assembler library☆31Jun 7, 2024Updated last year
- My articles for Paged Out! #2☆17Nov 20, 2019Updated 6 years ago
- ☆15Dec 16, 2020Updated 5 years ago
- Ready-to-use headers for Windows Kernel SSDT indices☆11Apr 12, 2020Updated 5 years ago
- x64dbg Malware Plugin. Detect malicious materials☆16Jun 13, 2020Updated 5 years ago
- PoC MSVC COFF Object file loader/injector.☆185Mar 19, 2021Updated 4 years ago
- A driver that hooks C: volume using symbolic link callback to track all FS access to the volume☆109Apr 24, 2020Updated 5 years ago
- ☆36Sep 7, 2020Updated 5 years ago
- A PoC designed to bypass all usermode hooks in a WoW64 environment.☆150Sep 16, 2020Updated 5 years ago
- PoC: Exploit 32-bit Thread Snapshot of WOW64 to Take Over $RIP & Inject & Bypass Antivirus HIPS (HITB 2021)☆167May 27, 2021Updated 4 years ago
- Windows sandbox PoC☆32May 25, 2020Updated 5 years ago
- kernel-mode TDI client which can send and receive HTTP requests☆56Jun 9, 2018Updated 7 years ago
- the basic version of the ring0 physical memory read/write tool☆92Aug 18, 2019Updated 6 years ago
- Run some secret code invisible from debugger single step.(x86 process on x64 windows only)☆25Mar 13, 2020Updated 5 years ago
- ☆125May 23, 2020Updated 5 years ago
- ☆44Oct 7, 2018Updated 7 years ago
- clone of armadillo patched for windows☆48Oct 22, 2024Updated last year
- PoC for hiding PE exports☆67Dec 19, 2020Updated 5 years ago
- ☆31Jul 27, 2020Updated 5 years ago
- 粗暴地枚举管理内核的WFP对象。 Manage kernel WFPs in a brutal way.☆27Jan 14, 2018Updated 8 years ago
- Driver Loader/BE Bypass/Win Malware(lol)☆36Jun 25, 2019Updated 6 years ago
- hook msr by amd svm☆125Dec 30, 2019Updated 6 years ago
- Detour library (x64 and x86 compatible)☆13Dec 15, 2020Updated 5 years ago
- Analyze Windows x64 Kernel Memory Layout☆129Nov 19, 2020Updated 5 years ago
- A tool to help malware analysts tell that the sample is injecting code into other process.☆78Aug 12, 2015Updated 10 years ago
- Simple Demo of using Windows Hypervisor Platform☆29Jul 14, 2025Updated 7 months ago
- reverse engineering of bedaisy.sys (battleyes kernel driver) - Aki2k/BEDaisy☆116Aug 10, 2020Updated 5 years ago
- Manual PE image mapper☆66Aug 29, 2013Updated 12 years ago
- A driver that supports communication between a Windows guest and HyperWin☆15Jan 6, 2021Updated 5 years ago