Simple library to handle PE files loading, relocating, get/set data, ..., in addition to process handling
☆32Aug 7, 2019Updated 6 years ago
Alternatives and similar repositories for xPE
Users that are interested in xPE are comparing it to the libraries listed below
Sorting:
- Execute an arbitrary command within the context of another process☆21Jun 28, 2019Updated 6 years ago
- An example of PE hollowing injection technique☆25Jun 28, 2019Updated 6 years ago
- Kernel mode windows NT API logger☆22Sep 9, 2019Updated 6 years ago
- Analysis and Modification Tool for Executables☆17Mar 28, 2019Updated 6 years ago
- Convert PE files to a shellcode☆81May 7, 2020Updated 5 years ago
- ☆65Nov 12, 2022Updated 3 years ago
- easy to use vtable hook with RTTI support☆23Nov 12, 2019Updated 6 years ago
- Dump mapped PE files from memory to the disk☆20Jun 28, 2019Updated 6 years ago
- A simple DLL that can intercept HID messages and pass them on to the real HID DLL, while logging the data.☆23Oct 3, 2014Updated 11 years ago
- User-mode part of Zerokit platform☆22Mar 30, 2019Updated 6 years ago
- MouHidInputHook enables users to filter, modify, and inject mouse input data packets into the input data stream of HID USB mouse devices …☆11Jul 11, 2019Updated 6 years ago
- Create a C++ PE which loads an XTEA-crypted .NET PE shellcode in memory.☆17Sep 29, 2018Updated 7 years ago
- Windows hard shutdown shellcode. Don't need administrator rights.☆14Mar 31, 2016Updated 9 years ago
- Small project to generate fake DLLs based on an executable's import table☆24May 6, 2020Updated 5 years ago
- ☆18Dec 5, 2016Updated 9 years ago
- Zerokit shared code☆17Mar 28, 2019Updated 6 years ago
- v1版完成对PE头,区段,输入表的解析☆11Apr 16, 2018Updated 7 years ago
- (shard of furikuri project) assambler for code obfuscation☆19Oct 29, 2019Updated 6 years ago
- A wrapper library around native windows sytem APIs☆10Dec 23, 2019Updated 6 years ago
- Hide DLL / Hide Module / Hide Dynamic Link Library☆108May 28, 2019Updated 6 years ago
- Disabling Windows Defender & downloading payload☆21Jul 28, 2020Updated 5 years ago
- NimSkrull is an adaption from the original Skrull malware anti-copy DRM. Only for the anti-copy feature. (https://github.com/aaaddress1/S…☆13May 20, 2023Updated 2 years ago
- This project demonstares an illegal read- and write- access to the kernel-mode data for both allocated by 3rd party drivers and EPROCESS …☆13Mar 6, 2018Updated 7 years ago
- Kernel driver that uses Shared memory to communicate with UserMode☆87Apr 25, 2019Updated 6 years ago
- Simple windows API logger☆109Sep 19, 2019Updated 6 years ago
- C++ Host .NET CLR & Run a assembly directly from ressource (RT_RCDATA) without extraction disk.☆15Mar 18, 2023Updated 2 years ago
- Ransoblin (Ransomware Bokoblin)☆18Oct 4, 2020Updated 5 years ago
- init☆14Mar 16, 2020Updated 5 years ago
- DLL and API hooking example to hide running in a Terminal Session☆21Jun 5, 2020Updated 5 years ago
- A tool that reads a PE file from a byte array buffer and injects it into memory.☆28Aug 5, 2019Updated 6 years ago
- Python script to patch the reflective stub in a DLL☆24Apr 9, 2017Updated 8 years ago
- AppXSvc Arbitrary File Security Descriptor Overwrite EoP☆20Sep 15, 2019Updated 6 years ago
- A new binary injection technique, can easily go through any #CIG protected process and slip through all possible defenses without any inj…☆18Mar 8, 2018Updated 7 years ago
- Prototype of hijacking Windows driver dispatch routines in unmapped discardable sections☆55Mar 30, 2019Updated 6 years ago
- With this RunPE you can easily inject your payload in any x86 or x64 program.☆15Jun 3, 2019Updated 6 years ago
- Windows Process Injection Toolkit - plain and simple :)☆28Jul 29, 2018Updated 7 years ago
- Stealthy Injector that leverages a vulnerable driver and other exploits to remain undetected☆37Dec 10, 2018Updated 7 years ago
- Remote PE reflective injection with a simple reflective loader☆32Jun 28, 2019Updated 6 years ago
- Tools for detouring functions in C/C++.☆33Apr 6, 2025Updated 10 months ago