adamhlt / Process-HollowingLinks
Process Hollowing in C++ (x86 / x64) - Process PE image replacement
☆165Updated 2 years ago
Alternatives and similar repositories for Process-Hollowing
Users that are interested in Process-Hollowing are comparing it to the libraries listed below
Sorting:
- Various Process Injection Techniques☆154Updated 3 years ago
- PoC Anti-Rootkit/Anti-Cheat Driver.☆213Updated 4 months ago
- Recursive and arbitrary code execution at kernel-level without a system thread creation☆158Updated 2 years ago
- Inline syscalls made for MSVC supporting x64 and WOW64☆184Updated 2 years ago
- Kernel driver loader using vulnerable gigabyte driver (https://www.secureauth.com/labs/advisories/gigabyte-drivers-elevation-privilege-vu…☆258Updated 3 years ago
- DLL that hooks the NtQuerySystemInformation API and hides a process name☆293Updated 2 years ago
- Custom GetProcAddress, GetModuleHandleA and some dbghelp.dll functions☆82Updated 6 years ago
- Bypassing PatchGuard on modern x64 systems☆265Updated 2 years ago
- Load your driver like win32k.sys☆254Updated 3 years ago
- Reverse engineering winapi function loadlibrary.☆210Updated 2 years ago
- x64 Windows kernel code execution via user-mode, arbitrary syscall, vulnerable IOCTLs demonstration☆339Updated 3 years ago
- Kernel Security driver used to block past, current and future process injection techniques on Windows Operating System.☆153Updated 2 years ago
- manual map unsigned driver over signed memory☆200Updated last year
- State of the art DLL injector that took 20 minutes to make☆220Updated 2 years ago
- A PoC implementation for spoofing arbitrary call stacks when making sys calls (e.g. grabbing a handle via NtOpenProcess)☆513Updated 4 months ago
- Simple Kernelmode DLL Injector with Manual mapping☆305Updated last year
- ☆314Updated 3 months ago
- Custom LoadLibrary / GetProcAddress (x86 / x64) - Load DLL and retrieve functions manually☆94Updated 2 years ago
- DSE bypass using a leaked cert and adjusting the current clock.☆151Updated 2 years ago
- Hooking Windows' exception dispatcher to protect process's PML4☆191Updated 7 months ago
- x64 Windows PatchGuard bypass, register process-creation callbacks from unsigned code☆206Updated 4 years ago
- Exploit MsIo vulnerable driver☆111Updated 4 years ago
- Detects virtual machines and malware analysis environments☆137Updated 2 years ago
- Simple x86/x86_64 instruction level obfuscator based on a basic SBI engine☆274Updated 2 years ago
- Abusing nvidia driver (nvoclock.sys) for physical/virtual memory and control register manipulation.☆273Updated 2 years ago
- KDP compatible unsigned driver loader leveraging a write primitive in one of the IOCTLs of gdrv.sys☆156Updated last year
- 🗜️ A packer for Windows x86 executable files written in C and Intel x86 Assembly. The new file after packing can obstruct reverse engine…☆344Updated 10 months ago
- A small x64 library to load dll's into memory.☆451Updated last year
- Achieve arbitrary kernel read/writes/function calling in Hypervisor-Protected Code Integrity (HVCI) protected environments calling withou…☆224Updated 10 months ago
- x86 PE Mutator☆225Updated 2 years ago