adamhlt / Manual-DLL-Loader
Custom LoadLibrary / GetProcAddress (x86 / x64) - Load DLL and retrieve functions manually
☆73Updated last year
Related projects ⓘ
Alternatives and complementary repositories for Manual-DLL-Loader
- Custom GetProcAddress, GetModuleHandleA and some dbghelp.dll functions☆81Updated 5 years ago
- load unsigned kernel-driver by patching dse in 248 lines☆110Updated 8 months ago
- KDP compatible unsigned driver loader leveraging a write primitive in one of the IOCTLs of gdrv.sys☆132Updated 5 months ago
- Inline syscalls made for MSVC supporting x64 and WOW64☆175Updated last year
- State of the art DLL injector that took 20 minutes to make☆207Updated last year
- Hide function calls to prevent reverse-engineering☆65Updated 3 years ago
- A proof of concept demonstrating instrumentation callbacks on Windows 10 21h1 with a TLS variable to ensure all syscalls are caught.☆117Updated 3 years ago
- Elevate a process to be a protected process☆143Updated 5 years ago
- Kernel driver that .text hooks a syscall in dxgkrnl.sys which can be called from our user-mode client to send instructions like rpm/wpm a…☆147Updated last year
- x64 Windows kernel code execution via user-mode, arbitrary syscall, vulnerable IOCTLs demonstration☆226Updated 2 years ago
- A mapper that maps shellcode into loaded large page drivers☆229Updated 2 years ago
- based on https://github.com/secrary/Hooking-via-InstrumentationCallback☆67Updated 5 years ago
- Reverse engineering winapi function loadlibrary.☆70Updated last year
- This project migrated to https://github.com/backengineering/llvm-msvc☆82Updated last year
- manual map unsigned driver over signed memory☆183Updated 7 months ago
- ☆193Updated last year
- Vectored Exception Handling Hooking Class☆145Updated 5 years ago
- Class containing Anti-RE, Anti-Debug and Anti-Hook methods. Made for C++/CLI☆101Updated 2 years ago
- Windows 10 DLL Injector via Driver utilizing VAD and hiding the loaded driver☆152Updated last year
- ☆121Updated 2 years ago
- A proof of concept demonstrating communication via mapped shared memory structures between a user-mode process and a kernel-mode payload …☆74Updated 3 years ago
- A simple tool to assemble shellcode ready to be copy-pasted into code☆64Updated 2 years ago
- Loads a signed kernel driver which allows you to map any driver to kernel mode without any traces of the signed / mapped driver.☆279Updated 3 years ago
- An Injector that can inject dll into game process protected by anti cheat using SetWindowsHookEx.☆238Updated 5 years ago
- TS-Changer - Forces the machine in/out of TestSigning Mode at runtime.☆64Updated last year
- Standard Kernel Library for Windows hacking in C++☆91Updated 3 months ago
- nmi stackwalking + module verification☆91Updated 10 months ago
- Scans all modules in target process for jmp/int3 hooks dissassembles then and follows jmps to destination.☆71Updated last year
- Archive R/W into any protected process by changing the value of KTHREAD->PreviousMode☆146Updated 2 years ago
- Handling C++ & __try exceptions without the need of built-in handlers.☆65Updated 3 years ago