☆58Feb 19, 2026Updated last week
Alternatives and similar repositories for hypervinject-poc
Users that are interested in hypervinject-poc are comparing it to the libraries listed below
Sorting:
- WinDbg plugin to trace module transitions from a debugged driver.☆40Dec 22, 2025Updated 2 months ago
- break link between dll and it file on disk☆12Sep 2, 2024Updated last year
- An example of how to use Microsoft Windows Warbird technology☆96Apr 23, 2023Updated 2 years ago
- Implementing an early exception handler for hooking and threadless process injection without relying on VEH or SEH☆137Aug 31, 2025Updated 6 months ago
- ntoskrnl .data hooks for UM-KM communication☆54May 26, 2024Updated last year
- PrimitiveInjection by using Read, Write and Allocation Primitives.☆53Jun 21, 2025Updated 8 months ago
- Shellcode capable of bypassing EAF / IAF mitigations☆28Apr 11, 2023Updated 2 years ago
- call gates as stable comunication channel for NT x86 and Linux x86_64☆32Aug 11, 2023Updated 2 years ago
- Windows Active DIrectory Pentesting documentation.☆19Jun 14, 2024Updated last year
- Proof-of-concept implementation of AI-enabled postex DLLs☆54Sep 10, 2025Updated 5 months ago
- A lexer and parser for Sleep☆20Feb 20, 2026Updated last week
- WinRAR 0day CVE-2025-8088 PoC RAR Archive☆45Aug 12, 2025Updated 6 months ago
- One-header configurable C++20 COFF loader☆21Jul 21, 2025Updated 7 months ago
- ☆17Sep 17, 2025Updated 5 months ago
- A C++/Asm template for PIC/EXE/DLL malware☆24Aug 12, 2025Updated 6 months ago
- Convert your shellcode into an ASCII string☆128Jun 27, 2025Updated 8 months ago
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…☆281Sep 18, 2024Updated last year
- Blog/Journal on how to backdoor VSCode extensions☆76Updated this week
- Your NTDLL vaccine from modern direct syscall methods.☆36Apr 5, 2022Updated 3 years ago
- Alternative Read and Write primitives using Rtl* functions the unintended way.☆79Aug 25, 2025Updated 6 months ago
- ☆409Dec 8, 2024Updated last year
- MIPS VM to execute payloads without allocating executable memory. Based on a PlayStation 1 (PSX) Emulator.☆125Dec 6, 2024Updated last year
- iTLB multihit PoC☆42Nov 4, 2023Updated 2 years ago
- Rewrite and obfuscate code in compiled binaries☆273Dec 13, 2025Updated 2 months ago
- Shellcode Loader Utilizing ETW Events☆67Feb 26, 2025Updated last year
- An App Domain Manager Injection DLL PoC on steroids☆212Dec 14, 2023Updated 2 years ago
- Hooking KPRCB IdlePreselect function to gain execution inside PID 0.☆73Apr 13, 2025Updated 10 months ago
- ForsHops☆59Mar 25, 2025Updated 11 months ago
- ☆42Feb 18, 2025Updated last year
- Dirty PoC on how to abuse S1's VEH for Vectored Syscalls and Local Execution☆43Oct 11, 2025Updated 4 months ago
- ☆86Jan 21, 2025Updated last year
- shell code example☆68Dec 12, 2025Updated 2 months ago
- Process injection alternative☆406Sep 6, 2024Updated last year
- Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.☆128Oct 4, 2024Updated last year
- Community Eventing and Scripting examples☆18Aug 11, 2025Updated 6 months ago
- Generate a PDB file given the old PDB file and an address mapping☆52Aug 3, 2025Updated 6 months ago
- Plugin interface for remote communications with Binary Ninja database and MCP server for interfacing with LLMs.☆59Feb 21, 2026Updated last week
- Cobalt Strike BOF for evasive .NET assembly execution☆308Mar 31, 2025Updated 11 months ago
- Permanently disable EDRs as local admin☆127Dec 19, 2025Updated 2 months ago