Kernel mode windows NT API logger
☆22Sep 9, 2019Updated 6 years ago
Alternatives and similar repositories for xKeLogger
Users that are interested in xKeLogger are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Execute an arbitrary command within the context of another process☆21Jun 28, 2019Updated 6 years ago
- Simple library to handle PE files loading, relocating, get/set data, ..., in addition to process handling☆32Aug 7, 2019Updated 6 years ago
- An example of PE hollowing injection technique☆25Jun 28, 2019Updated 6 years ago
- v1版完成对PE头,区段,输入表的解析☆11Apr 16, 2018Updated 7 years ago
- a sandbox project by sudami☆17Jul 31, 2018Updated 7 years ago
- Zerokit shared code☆17Mar 28, 2019Updated 6 years ago
- executing JS from x86 code☆27May 9, 2019Updated 6 years ago
- Analysis and Modification Tool for Executables☆17Mar 28, 2019Updated 6 years ago
- WORK IN PROGRESS. RAT written in C++ using Win32 API☆20Sep 12, 2019Updated 6 years ago
- May the POC be with you☆66Feb 21, 2026Updated last month
- A driver that supports communication between a Windows guest and HyperWin☆15Jan 6, 2021Updated 5 years ago
- This is a project to receive Base64 data and decode it in process☆15Mar 16, 2020Updated 6 years ago
- Some crazy PE executables protection kernel driver☆20May 2, 2020Updated 5 years ago
- x64dbg scripts for finding OEP of packers☆15Oct 22, 2018Updated 7 years ago
- Dump mapped PE files from memory to the disk☆20Jun 28, 2019Updated 6 years ago
- Malware vulnerability research. Coming soon..☆12Apr 20, 2020Updated 5 years ago
- User-mode part of Zerokit platform☆22Mar 30, 2019Updated 6 years ago
- hooking KiUserApcDispatcher☆27Apr 3, 2017Updated 8 years ago
- Map memory to user space and manipulate user memory, using capmon☆24Nov 3, 2018Updated 7 years ago
- Local privilege escalation PoC exploit for CVE-2019-16098☆201Sep 13, 2019Updated 6 years ago
- A simple kernel mode driver that hooks some values at the KUSER_SHARED_DATA structure.☆27Jan 7, 2020Updated 6 years ago
- simply manual map any system image☆18Feb 1, 2021Updated 5 years ago
- Detects if a Kernel mode debugger is active by reading the value of KUSER_SHARED_DATA.KdDebuggerEnabled. It is a high level and portable …☆23Sep 18, 2017Updated 8 years ago
- IDA script for vmprotect Windows Api address decoder☆54Jun 8, 2021Updated 4 years ago
- My articles for Paged Out! #2☆17Nov 20, 2019Updated 6 years ago
- Various shellcodes☆12Sep 1, 2020Updated 5 years ago
- ☆29Jan 15, 2021Updated 5 years ago
- Undocumented NsiAllocateAndGetTable usage in GetTcpTableInternal reverse engineered on Win7 X64☆20Apr 7, 2018Updated 7 years ago
- PoC code for CVE-2018-15499 (exploit race condition for BSoD)☆11Aug 23, 2018Updated 7 years ago
- Window Executable file Function tracer using Debugging API☆44Sep 26, 2019Updated 6 years ago
- Windows system spy for Mouse, Keyboard and Gamepad(Joystick).☆15Jul 6, 2022Updated 3 years ago
- Remote execution tool☆14Jan 14, 2014Updated 12 years ago
- ☆65Nov 12, 2022Updated 3 years ago
- The exploit for Panda AV LPE☆37May 22, 2019Updated 6 years ago
- NASM listing to shellcode converter☆14May 6, 2018Updated 7 years ago
- ☆50Mar 21, 2019Updated 7 years ago
- OD反汇编引擎精简版,只适合x86系统,可嵌入驱动程序。☆10Mar 29, 2018Updated 7 years ago
- Exploiting HEVD's WriteWhatWhereIoctlDispatch for LPE on Windows 10 TH2 through RS3 using GDI objects.☆24Jan 23, 2018Updated 8 years ago
- WhoCalls can query a directory of files, find the binaries, and search for a user specified Win API import. It and works with both 32-bit…☆18Jul 2, 2022Updated 3 years ago