akuafif / hXOR-Packer
A PE (Portable Executable) packer with Huffman Compression and Xor encryption.
☆58Updated 3 years ago
Related projects ⓘ
Alternatives and complementary repositories for hXOR-Packer
- A x64 PE Packer/Protector Developed in C++ and VisualStudio☆50Updated last year
- Process Hollowing in C++ (x86 / x64) - Process PE image replacement☆124Updated last year
- Collection of source code for Polymorphic, Metamorphic, and Permutation Engines used in Malware☆25Updated 5 years ago
- vulnerability in zam64.sys, zam32.sys allowing ring 0 code execution. CVE-2021-31727 and CVE-2021-31728 public reference.☆89Updated 3 years ago
- Recursive and arbitrary code execution at kernel-level without a system thread creation☆154Updated last year
- Dont Call Me Back - Dynamic kernel callback resolver. Scan kernel callbacks in your system in a matter of seconds!☆218Updated 4 months ago
- A multi-staged malware that contains a kernel mode rootkit and a remote system shell.☆67Updated 3 years ago
- Shellcodev is a tool designed to help and automate the process of shellcode creation.☆100Updated last year
- An initial proof of concept of a bootkit based on Cr4sh's DMABackdoorBoot☆59Updated last year
- A attempt at replicating BLACKLOTUS capabilities, whilst not acting as a direct mimic.☆85Updated last year
- Detect API Hooks☆68Updated 2 years ago
- A tool for detecting manual/direct syscalls in x86 and x64 processes using Nirvana Hooks.☆104Updated 2 years ago
- Hook all callbacks which are registered with LdrRegisterDllNotification☆81Updated last year
- Detours implementation (x64/x86) which used only ntdll import☆88Updated 4 months ago
- Various Process Injection Techniques☆143Updated 2 years ago
- ZwProcessHollowing is a x64 process hollowing project which uses direct systemcalls, dll unhooking and RC4 payload decryption☆77Updated last year
- 2022 Updated Kernelmode-Code☆30Updated 7 months ago
- Walks the CFG bitmap to find previously executable but currently hidden shellcode regions☆100Updated last year
- Create a new thread that will suspend every thread and encrypt its stack, then going to sleep , then decrypt the stacks and resume thread…☆154Updated last year
- Add an empty section to a PE file☆49Updated 7 years ago
- A Bumblebee-inspired Crypter☆80Updated last year
- Small tool to convert beteween the PE alignments (raw and virtual).☆81Updated last year
- Simple PE Packer Which Encrypts .text Section☆49Updated 7 years ago
- Files for http://blog.deniable.org/posts/windows-callbacks/☆67Updated 2 years ago
- ☆40Updated last year
- user-mode Rootkit☆98Updated 2 years ago
- Small PoC of using a Microsoft signed executable as a lolbin.☆132Updated last year
- Kernel Security driver used to block past, current and future process injection techniques on Windows Operating System.☆147Updated 2 years ago
- Implementation of Advanced Module Stomping and Heap/Stack Encryption☆208Updated last year
- Header only library for obfuscation import winapi functions.☆32Updated 3 years ago