call-042PE / UCantSeeM3

Related projects ⓘ

Alternatives and complementary repositories for UCantSeeM3

• knight0x07 / BumbleCrypt
  A Bumblebee-inspired Crypter
  ☆80Updated last year
• dr4k0nia / MurkyStrings
  A string obfuscator for .NET apps, built to evade static string analysis.
  ☆100Updated last year
• Intrus1ve / Runpe-ProcessHollowing
  Fud Runpe Av Evasion / All Av Bypass
  ☆31Updated last year
• XaFF-XaFF / ZwProcessHollowing
  ZwProcessHollowing is a x64 process hollowing project which uses direct systemcalls, dll unhooking and RC4 payload decryption
  ☆78Updated last year
• exploitblizzard / Windows-Privilege-Escalation-CVE-2021-1732
  Read my blog for more info -
  ☆32Updated 3 years ago
• exploitblizzard / UAC-Bypass
  Bypassing windows uac, however its an old approach/method but its still unpatched ¯\_(ツ)_/¯
  ☆42Updated 3 years ago
• AzAgarampur / byeintegrity9-uac
  ☆35Updated last year
• iilegacyyii / ExportDumper
  A small tool I made to dump the export table of PE files. The primary use case was intended for use within DLL proxying.
  ☆68Updated 2 years ago
• xenoscr / manual-syscall-detect
  A tool for detecting manual/direct syscalls in x86 and x64 processes using Nirvana Hooks.
  ☆105Updated 2 years ago
• XaFF-XaFF / Shellcodev
  Shellcodev is a tool designed to help and automate the process of shellcode creation.
  ☆100Updated last year
• ZeroMemoryEx / URootkit
  user-mode Rootkit
  ☆98Updated 2 years ago
• xalicex / Get-DLL-and-Function-Addresses
  GetModuleHandle (via PEB) and GetProcAddress (via EAT) like
  ☆32Updated 2 years ago
• ethereal-vx / Persistence
  Recreating and reviewing the Windows persistence methods
  ☆39Updated 3 years ago
• Hemogl0bin / drvscanner
  Scan for potentially vulnerable drivers
  ☆80Updated 2 years ago
• Wra7h / ARCInject
  Overwrite a process's recovery callback and execute with WER
  ☆102Updated 2 years ago
• AzAgarampur / byeintegrity2-uac
  Bypass UAC by abusing the Internet Explorer Add-on installer
  ☆50Updated 3 years ago
• mrexodia / lolbin-poc
  Small PoC of using a Microsoft signed executable as a lolbin.
  ☆133Updated last year
• NtQuerySystemInformation / NlsCodeInjectionThroughRegistry
  Dll injection through code page id modification in registry. Based on jonas lykk research
  ☆117Updated last year
• tasox / CSharp_Process_Injection
  ☆63Updated 9 months ago
• DanielAvinoam / TheSubZeroProject
  A multi-staged malware that contains a kernel mode rootkit and a remote system shell.
  ☆69Updated 3 years ago
• nqntmqmqmb / pePolymorpher
  A tool implementing process hollowing making your PE polymorphic
  ☆14Updated 4 years ago
• DGRonpa / Process_Injection
  ☆22Updated 2 years ago
• LloydLabs / process-enumeration-stealth
  ☆76Updated 2 months ago
• GetRektBoy724 / TripleS
  Extracting Syscall Stub, Modernized
  ☆61Updated 2 years ago
• realoriginal / bootdoor
  An initial proof of concept of a bootkit based on Cr4sh's DMABackdoorBoot
  ☆59Updated last year
• realoriginal / foliage
  A proof of concept I developed to improve Gargoyle back in 2018 to achieve true memory obfuscation from position independent code
  ☆39Updated 2 months ago
• irql / CVE-2021-31728
  vulnerability in zam64.sys, zam32.sys allowing ring 0 code execution. CVE-2021-31727 and CVE-2021-31728 public reference.
  ☆89Updated 3 years ago
• EvaStanAccount / MalwareDev
  ☆15Updated 3 years ago
• LloydLabs / dearg-thread-ipc-stealth
  A novel technique to communicate between threads using the standard ETHREAD structure
  ☆110Updated 3 years ago
• NtRaiseHardError / NINA
  NINA: No Injection, No Allocation x64 Process Injection Technique
  ☆196Updated 4 years ago