akuafif / hXOR-Packer
A PE (Portable Executable) packer with Huffman Compression and Xor encryption.
☆58 Updated 3 years ago
Related projects
Alternatives and complementary repositories for hXOR-Packer
- An x64 PE Packer/Protector Developed in C++ and VisualStudio ☆50 Updated last year
- Simple PE Packer Which Encrypts .text Section ☆49 Updated 7 years ago
- An initial proof of concept of a bootkit based on Cr4sh's DMABackdoorBoot ☆59 Updated last year
- Add an empty section to a PE file ☆50 Updated 7 years ago
- Various Process Injection Techniques ☆143 Updated 2 years ago
- Kernel Security driver used to block past, current and future process injection techniques on Windows Operating System. ☆148 Updated 2 years ago
- Detect API Hooks ☆69 Updated 2 years ago
- Create a new thread that will suspend every thread and encrypt its stack, then go to sleep, then decrypt the stacks and resume thread… ☆156 Updated last year
- Detours implementation (x64/x86) which used only ntdll import ☆88 Updated 5 months ago
- A tool for detecting manual/direct syscalls in x86 and x64 processes using Nirvana Hooks. ☆105 Updated 2 years ago
- Files for http://blog.deniable.org/posts/windows-callbacks/ ☆67 Updated 2 years ago
- Walks the CFG bitmap to find previously executable but currently hidden shellcode regions ☆100 Updated last year
- A Bumblebee-inspired Crypter ☆80 Updated last year
- Shellcodev is a tool designed to help and automate the process of shellcode creation. ☆100 Updated last year
- Samples from my book Windows Native API programming ☆57 Updated 4 months ago
- ZwProcessHollowing is an x64 process hollowing project which uses direct system calls, DLL unhooking and RC4 payload decryption ☆78 Updated last year
- Achieve execution using a custom keyboard layout ☆161 Updated last year
- Recursive and arbitrary code execution at kernel-level without a system thread creation ☆154 Updated last year
- 2022 Updated Kernelmode-Code ☆30 Updated 7 months ago
- Small PoC of using a Microsoft signed executable as a lolbin. ☆133 Updated last year
- Reimplement CreateProcessInternalW via Windows 10 20H1+/Windows 11 Base on NtCreateUserProcess-Post ☆47 Updated 2 months ago
- Process Hollowing in C++ (x86 / x64) - Process PE image replacement ☆127 Updated last year
- Dont Call Me Back - Dynamic kernel callback resolver. Scan kernel callbacks in your system in a matter of seconds! ☆224 Updated 4 months ago
- Listing UDP connections with remote address without sniffing. ☆30 Updated last year
- Use hardware breakpoints to spoof the call stack for both syscalls and API calls ☆181 Updated 5 months ago
- Silence file system monitoring components by hooking their minifilters ☆51 Updated 9 months ago
- Standalone Metasploit-like XOR encoder for shellcode ☆46 Updated 6 months ago
- Sample project that encrypts Windows 32-bit executables with password ☆52 Updated 2 years ago
- A proof of concept I developed to improve Gargoyle back in 2018 to achieve true memory obfuscation from position independent code ☆39 Updated 2 months ago