codingtest / r0ak

Related projects ⓘ

Alternatives and complementary repositories for r0ak

• mgeeky / prc_xchk
  User-mode process cross-checking utility intended to detect naive malware hiding itself by hooking IAT/EAT.
  ☆18Updated 8 years ago
• d35ha / xPE
  Simple library to handle PE files loading, relocating, get/set data, ..., in addition to process handling
  ☆30Updated 5 years ago
• lallouslab / Ganxo_
  An opensource API hooking framework
  ☆21Updated 4 years ago
• securesean / Shim-Process-Scanner
  Windows x64 Process Scanner to detect application compatability shims
  ☆36Updated 6 years ago
• deroko / activationcontexthook
  ☆33Updated 7 years ago
• JKornev / cfgdump
  Windbg extension that allows you analyze Control Flow Guard map
  ☆36Updated 3 years ago
• DissectMalware / WinNativeIO
  Using Undocumented NTDLL Functions to Read/Write/Delete File
  ☆18Updated 3 years ago
• own2pwn / r0ak
  r0ak ("roak") is the Ring 0 Army Knife -- A Command Line Utility To Read/Write/Execute Ring Zero on for Windows 10 Systems
  ☆26Updated 6 years ago
• h4xu3lyn / NTLib
  Headers for linking your software with ntdll.dll
  ☆15Updated 4 years ago
• JKornev / NTlib
  Static library and headers for linking your software with ntdll.dll
  ☆30Updated 4 years ago
• 0xcpu / exthost
  A POC for Windows Extension Host hooking
  ☆22Updated 5 years ago
• deroko / SPPLUAObjectUacBypass
  ☆45Updated 6 years ago
• wes4m / unHooker
  Kernel (Ring0) - SSDT unhook driver
  ☆13Updated 6 years ago
• n3k / misc_exploits_pocs
  Miscellaneous old Exploit code and PoCs
  ☆15Updated last month
• owerosu / packerPE32
  Simple PE packer with RtlCompressBuffer
  ☆21Updated 9 years ago
• secrary / findLoop
  findLoop - find possible encryption/decryption or compression/decompression code
  ☆26Updated 5 years ago
• hasherezade / loaderine
  A demo implementation of a well-known technique used by some malware to evade userland hooking, using my library: libpeconv.
  ☆19Updated 6 years ago
• d35ha / xKeLogger
  Kernel mode windows NT API logger
  ☆21Updated 5 years ago
• EngineOwningSoftware / HWBRK
  Windows x86 Hardware Breakpoint class for Windows >Vista
  ☆22Updated 8 years ago
• revsic / CodeInjection
  Code Injection technique written in cpp language
  ☆31Updated 6 years ago
• zodiacon / AccessMask
  ☆18Updated 5 years ago
• Darkabode / amte
  Analysis and Modification Tool for Executables
  ☆16Updated 5 years ago
• therealdreg / Win.Cerdalux
  WinXPSP2.Cermalus on stereoids, supporting all 32 bits Windows version. Windows Kernel Virus stuff for noobs
  ☆16Updated last year
• zhuyue1314 / stoned-UEFI-bootkit
  ☆27Updated 9 years ago
• zhuhuibeishadiao / exploit-RemoteDesktopServerDriver
  exploit termdd.sys(support kb4499175)
  ☆57Updated 5 years ago
• dro / uac-launchinf-poc
  Windows 10 UAC bypass PoC using LaunchInfSection
  ☆34Updated 6 years ago
• Darkabode / possessor
  User-mode part of Zerokit platform
  ☆20Updated 5 years ago
• Fyyre / directntapi
  DirectNtApi - simple method to make ntapi function call without importing or walking export table. Work under Windows 7, 8 and 10
  ☆52Updated 8 months ago