d35ha / xObfLinks
Simple x86/x86_64 instruction level obfuscator based on a basic SBI engine
☆274Updated 2 years ago
Alternatives and similar repositories for xObf
Users that are interested in xObf are comparing it to the libraries listed below
Sorting:
- x64 Windows kernel code execution via user-mode, arbitrary syscall, vulnerable IOCTLs demonstration☆357Updated 3 years ago
- x86 PE Mutator☆226Updated 2 years ago
- Load your driver like win32k.sys☆257Updated 3 years ago
- Browse Page Tables on Windows (Page Table Viewer)☆216Updated 3 years ago
- Analyze patches in a process☆256Updated 4 years ago
- Debugger Anti-Detection Benchmark☆365Updated last month
- A modern c++ implementation of windows heavens gate☆229Updated 5 years ago
- Kernel LdrLoadDll injector☆265Updated 6 years ago
- Single header version of System Informer's phnt library.☆230Updated last week
- x64 Windows PatchGuard bypass, register process-creation callbacks from unsigned code☆206Updated 4 years ago
- Windows inline hooking tool.☆288Updated 6 years ago
- Bypassing PatchGuard on modern x64 systems☆267Updated 2 years ago
- Native code virtualizer for x64 binaries☆504Updated 9 months ago
- An x86-64 Code Virtualizer☆284Updated last year
- A proof of concept demonstrating instrumentation callbacks on Windows 10 21h1 with a TLS variable to ensure all syscalls are caught.☆139Updated 3 years ago
- A mapper that maps shellcode into loaded large page drivers☆299Updated 3 years ago
- x86 Binary Code Virtualization Tool☆221Updated 7 months ago
- Hooking Windows' exception dispatcher to protect process's PML4☆198Updated 8 months ago
- Vectored Exception Handling Hooking Class☆164Updated 6 years ago
- Demo proof of concept for shadow regions, and implementation of HyperDeceit.☆298Updated 2 years ago
- Elevate a process to be a protected process☆153Updated 6 years ago
- Bootkit for Windows Sandbox to disable DSE/PatchGuard.☆305Updated 11 months ago
- ☆189Updated 3 years ago
- load unsigned kernel-driver by patching dse in 248 lines☆134Updated last year
- This tool will allow you to spoof the return addresses of your functions as well as system functions.☆516Updated 2 years ago
- Achieve arbitrary kernel read/writes/function calling in Hypervisor-Protected Code Integrity (HVCI) protected environments calling withou…☆233Updated 11 months ago
- This project migrated to https://github.com/backengineering/llvm-msvc☆144Updated 2 years ago
- Easy Anti PatchGuard☆223Updated 4 years ago
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard☆255Updated 3 years ago
- State of the art DLL injector that took 20 minutes to make☆220Updated 2 years ago