call-042PE / UCantSeeM3Links
Hiding your process in ProcessHacker,Task Manager,etc by patching NtQuerySystemInformation
☆88Updated 4 years ago
Alternatives and similar repositories for UCantSeeM3
Users that are interested in UCantSeeM3 are comparing it to the libraries listed below
Sorting:
- A Bumblebee-inspired Crypter☆79Updated 2 years ago
- Bypassing windows uac, however its an old approach/method but its still unpatched ¯\_(ツ)_/¯☆43Updated 3 years ago
- A string obfuscator for .NET apps, built to evade static string analysis.☆106Updated 2 years ago
- Shellcodev is a tool designed to help and automate the process of shellcode creation.☆110Updated last year
- Small PoC of using a Microsoft signed executable as a lolbin.☆138Updated 2 years ago
- Deleting Shadow Copies In Pure C++☆114Updated 2 years ago
- Extracting Syscall Stub, Modernized☆65Updated 3 years ago
- Evasive Process Hollowing Techniques☆140Updated 5 years ago
- A small tool I made to dump the export table of PE files. The primary use case was intended for use within DLL proxying.☆71Updated 3 years ago
- Bypass Malware Time Delays☆103Updated 2 years ago
- 💻 Windows 10 Kernel-mode rootkit☆32Updated 3 years ago
- A Poc on blocking Procmon from monitoring network events☆106Updated last month
- (Sim)ulate (Ba)zar Loader☆29Updated 4 years ago
- Overwrite a process's recovery callback and execute with WER☆103Updated 3 years ago
- A simple PoC to demonstrate that is possible to write Non writable memory and execute Non executable memory on Windows☆53Updated 4 years ago
- Simple x86 Trampoline Hook☆41Updated 3 years ago
- ☆40Updated 4 years ago
- How to spoof the command line when spawning a new process from C#.☆108Updated 3 years ago
- NINA: No Injection, No Allocation x64 Process Injection Technique☆226Updated 5 years ago
- Recreating and reviewing the Windows persistence methods☆39Updated 3 years ago
- AmsiScanBufferBypass using D/Invoke☆136Updated 4 years ago
- A novel technique to communicate between threads using the standard ETHREAD structure☆114Updated 4 years ago
- Grab Firefox post requests by hooking PR_Write function from nss3.dll module using trampoline hook to get passwords and emails of users☆42Updated 2 years ago
- simple user-mode Rootkit☆105Updated 2 years ago
- ZwProcessHollowing is a x64 process hollowing project which uses direct systemcalls, dll unhooking and RC4 payload decryption☆90Updated 2 years ago
- Mochi is a proof-of-concept C++ loader that leverages the ChaiScript embedded scripting language to execute code.☆103Updated 3 years ago
- 64bit Windows 10 shellcode that adds user BOKU:SP3C1ALM0V3 to the system and the localgroups Administrators & "Remote Desktop Users"☆40Updated 4 years ago
- A multi-staged malware that contains a kernel mode rootkit and a remote system shell.☆74Updated 4 years ago
- Bypass UAC at any level by abusing the Task Scheduler and environment variables☆31Updated 4 years ago
- SharpASM is a C# project that aims to automate ASM (i.e. shellcode) execution in .NET programs by exploiting code caves in RWX sections a…☆58Updated 3 years ago