Custom LoadLibrary / GetProcAddress (x86 / x64) - Load DLL and retrieve functions manually
☆96Aug 4, 2023Updated 2 years ago
Alternatives and similar repositories for Manual-DLL-Loader
Users that are interested in Manual-DLL-Loader are comparing it to the libraries listed below
Sorting:
- ASLR Disabler (x86 / x64) - Little utility for disabling the ASLR on PE files☆16Aug 1, 2023Updated 2 years ago
- POC Ring3 Windows Rootkit (x86 / x64) - Hide processes and files☆64Aug 1, 2023Updated 2 years ago
- Small class to help perform syscalls.☆21May 15, 2025Updated 9 months ago
- Process Hollowing in C++ (x86 / x64) - Process PE image replacement☆179Aug 1, 2023Updated 2 years ago
- A C# Source Generator for obfuscating string or byte array values using multi-byte xor encryption.☆14Jun 12, 2024Updated last year
- eac memory sig maker☆14Jun 10, 2021Updated 4 years ago
- A PoC to demo modifying cmdline of the child process dynamically. It might be useful against process log tracing, AV or EDR.☆41Dec 31, 2020Updated 5 years ago
- ☆16Feb 5, 2021Updated 5 years ago
- PE Explorer in C++ (x86 / x64) - PE file parser, retrieve exports and imports☆77Feb 17, 2024Updated 2 years ago
- An Aggressor Script that utilizes NtCreateUserProcess to run binaries☆30Jan 30, 2025Updated last year
- ☆28Nov 20, 2017Updated 8 years ago
- ☆29Sep 17, 2024Updated last year
- Convert any binary to a C-style array☆25Aug 24, 2021Updated 4 years ago
- hook detector☆31Nov 4, 2021Updated 4 years ago
- IAT Hooking POC (x86 / x64) - Hook functions through the IAT☆36Jul 29, 2024Updated last year
- Artemis - C++ Hell's Gate Syscall Implementation☆34Aug 16, 2023Updated 2 years ago
- ☆14Mar 30, 2022Updated 3 years ago
- ☆15Sep 24, 2012Updated 13 years ago
- Performing Indirect Clean Syscalls☆604Apr 19, 2023Updated 2 years ago
- Wrapper for VMProtect Library (only MSVC)☆35Jul 6, 2018Updated 7 years ago
- Spoof the return address of any function call.☆11Jul 21, 2024Updated last year
- Cobalt Strike Beacon Object File (BOF) that uses RegConnectRegistryA + RegOpenKeyExA API to dump registry hives on remote computer☆17Mar 4, 2023Updated 3 years ago
- A simple rootkit to hide a process☆47Jan 10, 2014Updated 12 years ago
- Libraries written in inline assembly☆19Aug 7, 2023Updated 2 years ago
- Cube World Reversing & Cheat (x64) - Include IDA file and unpacked game☆13Aug 1, 2023Updated 2 years ago
- A small library to extend the functionality of GetModuleHandle and GetProcAddress to other processes☆16Mar 23, 2020Updated 5 years ago
- hook system call that on user mode☆12Jan 27, 2022Updated 4 years ago
- Analyze Windows x64 Kernel Memory Layout☆129Nov 19, 2020Updated 5 years ago
- ZwProcessHollowing is a x64 process hollowing project which uses direct systemcalls, dll unhooking and RC4 payload decryption☆92Mar 23, 2023Updated 2 years ago
- PE loader with various shellcode injection techniques☆449Oct 17, 2022Updated 3 years ago
- A tool that reads a PE file from a byte array buffer and injects it into memory.☆28Aug 5, 2019Updated 6 years ago
- This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol…☆71Feb 11, 2024Updated 2 years ago
- Shellcode Loader Implementing Indirect Dynamic Syscall , API Hashing, Fileless Shellcode retrieving using Winsock2☆293Jul 15, 2023Updated 2 years ago
- ☆13Aug 24, 2022Updated 3 years ago
- Reflective shellcode runners using obfuscated Win32 APIs in C# and C++ (GetProcAddress & GetModuleHandle). For penetration testing.☆15Jul 17, 2025Updated 7 months ago
- simply manual map any system image☆18Feb 1, 2021Updated 5 years ago
- ☆14Mar 8, 2019Updated 6 years ago
- Single header library to simplify the usage of direct syscalls. x64/x86☆14Feb 26, 2023Updated 3 years ago
- Remote Administration Tool, Server Written in C# and Client Written in C++☆15Dec 8, 2022Updated 3 years ago