call-042PE / UCantSeeM3Links
Hiding your process in ProcessHacker,Task Manager,etc by patching NtQuerySystemInformation
☆88Updated 4 years ago
Alternatives and similar repositories for UCantSeeM3
Users that are interested in UCantSeeM3 are comparing it to the libraries listed below
Sorting:
- A Bumblebee-inspired Crypter☆79Updated 2 years ago
- 💻 Windows 10 Kernel-mode rootkit☆32Updated 2 years ago
- Bypassing windows uac, however its an old approach/method but its still unpatched ¯\_(ツ)_/¯☆43Updated 3 years ago
- A string obfuscator for .NET apps, built to evade static string analysis.☆106Updated 2 years ago
- Bypass Malware Time Delays☆103Updated 2 years ago
- Extracting Syscall Stub, Modernized☆66Updated 3 years ago
- A simple PoC to demonstrate that is possible to write Non writable memory and execute Non executable memory on Windows☆53Updated 4 years ago
- Shellcodev is a tool designed to help and automate the process of shellcode creation.☆110Updated last year
- A novel technique to communicate between threads using the standard ETHREAD structure☆113Updated 4 years ago
- How to spoof the command line when spawning a new process from C#.☆107Updated 3 years ago
- Easy XOR string encryption for NET based binaries☆139Updated last year
- Bypass UAC by abusing the Internet Explorer Add-on installer☆54Updated 4 years ago
- Windows PE - TLS (Thread Local Storage) Injector in C/C++☆106Updated 4 years ago
- Evasive Process Hollowing Techniques☆142Updated 5 years ago
- Read my blog for more info -☆31Updated 4 years ago
- 64bit Windows 10 shellcode that adds user BOKU:SP3C1ALM0V3 to the system and the localgroups Administrators & "Remote Desktop Users"☆40Updated 4 years ago
- simple user-mode Rootkit☆105Updated 2 years ago
- AmsiScanBufferBypass using D/Invoke☆135Updated 4 years ago
- A small tool I made to dump the export table of PE files. The primary use case was intended for use within DLL proxying.☆71Updated 3 years ago
- ☆83Updated last year
- ZwProcessHollowing is a x64 process hollowing project which uses direct systemcalls, dll unhooking and RC4 payload decryption☆89Updated 2 years ago
- A Poc on blocking Procmon from monitoring network events☆106Updated 3 weeks ago
- A multi-staged malware that contains a kernel mode rootkit and a remote system shell.☆72Updated 4 years ago
- Simple x86 Trampoline Hook☆41Updated 3 years ago
- Deleting Shadow Copies In Pure C++☆114Updated 2 years ago
- Grab Firefox post requests by hooking PR_Write function from nss3.dll module using trampoline hook to get passwords and emails of users☆42Updated 2 years ago
- DLL Hollowing PoC - Remote and Self shellcode injection☆80Updated 3 years ago
- Bypass UAC at any level by abusing the Task Scheduler and environment variables☆31Updated 4 years ago
- Overwrite a process's recovery callback and execute with WER☆103Updated 3 years ago
- ☆16Updated 3 years ago