buzzer-re / Shinigami

Related projects ⓘ

Alternatives and complementary repositories for Shinigami

• YoavLevi / IAT-Tracer
  An automation plugin for Tiny-Tracer framework to trace and watch functions directly out of the executable's import table or trace logs (…
  ☆110Updated 4 months ago
• CognisysGroup / SweetDreams
  Implementation of Advanced Module Stomping and Heap/Stack Encryption
  ☆210Updated last year
• therealdreg / masm32-kernel-programming
  masm32 kernel programming, drivers, tutorials, examples, and tools (credits Four-F)
  ☆115Updated last year
• zodiacon / Recon2023
  Recon 2023 slides and code
  ☆79Updated last year
• struppigel / hedgehog-tools
  ☆111Updated last week
• jstrosch / sclauncher
  A small program written in C that is designed to load 32/64-bit shellcode and allow for execution or debugging. Can also output PE files …
  ☆125Updated 4 months ago
• xalicex / Killers
  Exploitation of process killer drivers
  ☆188Updated last year
• Unprotect-Project / Unprotect_Submission
  Unprotect is a collaborative platform dedicated to uncovering and documenting malware evasion techniques. We invite you to join us in thi…
  ☆139Updated this week
• floesen / KExecDD
  Admin to Kernel code execution using the KSecDD driver
  ☆236Updated 7 months ago
• vvelitkn / Evasion-Escaper
  Evasion Escaper is a project aimed at evading the checks that malicious software performs to detect if it's running in a virtual environm…
  ☆99Updated last year
• Idov31 / Jormungandr
  Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.
  ☆221Updated last year
• ZeroMemoryEx / Handle-Ripper
  simple Windows handle hijacker with a nod to Apxaey for inspiration
  ☆201Updated last year
• XaFF-XaFF / Kernel-Process-Hollowing
  Windows x64 kernel mode rootkit process hollowing POC.
  ☆182Updated last year
• imperva / frida-jit-unpacker
  The Frida-Jit-unPacker aims at helping researchers and analysts understand the behavior of packed malicious .NET samples.
  ☆54Updated 7 months ago
• VirtualAlllocEx / Direct-Syscalls-vs-Indirect-Syscalls
  The following two code samples can be used to understand the difference between direct syscalls and indirect syscalls
  ☆164Updated 10 months ago
• connormcgarr / EATGuard
  Implementation of an export address table protection mitigation, like Export Address Filtering (EAF)
  ☆93Updated last year
• ZeroMemoryEx / SleepKiller
  Bypass Malware Time Delays
  ☆97Updated 2 years ago
• ZeroMemoryEx / Tokenizer
  Kernel Mode Driver for Elevating Process Privileges
  ☆130Updated last year
• exploits-forsale / 24h2-nt-exploit
  Exploit targeting NT kernel in 24H2 Windows Insider Preview
  ☆111Updated 6 months ago
• kkent030315 / CVE-2022-42046
  CVE-2022-42046 Proof of Concept of wfshbr64.sys local privilege escalation via DKOM
  ☆162Updated last year
• SaadAhla / BlockOpenHandle
  Block any Process to open HANDLE to your process , only SYTEM is allowed to open handle to your process ,with that you can avoid remote m…
  ☆165Updated last year
• oldboy21 / RflDllOb
  Reflective DLL Injection Made Bella
  ☆200Updated last month
• kleiton0x00 / Proxy-DLL-Loads
  A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.
  ☆325Updated 5 months ago
• realoriginal / angryorchard
  A kernel vulnerability used to achieve arbitrary read-write on Windows prior to July 2022
  ☆105Updated last year
• rad9800 / hwbp4mw
  ☆210Updated last year
• WithSecureLabs / GarbageMan
  GarbageMan is a set of tools for analyzing .NET binaries through heap analysis.
  ☆114Updated last year
• Maldev-Academy / GhostlyHollowingViaTamperedSyscalls
  Implementing the ghostly hollowing PE injection technique using tampered syscalls.
  ☆125Updated 5 months ago
• janoglezcampos / llvm-yx-callobfuscator
  LLVM plugin to transparently apply stack spoofing and indirect syscalls to Windows x64 native calls at compile time.
  ☆260Updated 10 months ago