dadas190 / Heavens-Gate-2.0View external linksLinks
Executes 64bit code from a 32bit process
☆241Jul 23, 2017Updated 8 years ago
Alternatives and similar repositories for Heavens-Gate-2.0
Users that are interested in Heavens-Gate-2.0 are comparing it to the libraries listed below
Sorting:
- A modern c++ implementation of windows heavens gate☆244Sep 19, 2020Updated 5 years ago
- A more stealthy variant of "DLL hollowing"☆363Mar 8, 2024Updated last year
- Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999☆239Nov 6, 2019Updated 6 years ago
- PoC: Exploit 32-bit Thread Snapshot of WOW64 to Take Over $RIP & Inject & Bypass Antivirus HIPS (HITB 2021)☆167May 27, 2021Updated 4 years ago
- Helper library for x86 programs that runs under WOW64 layer on x64 versions of Microsoft Windows operating systems.☆1,000Jan 17, 2023Updated 3 years ago
- Process Ghosting - a PE injection technique, similar to Process Doppelgänging, but using a delete-pending file instead of a transacted fi…☆682Mar 11, 2024Updated last year
- LoadLibrary for offensive operations☆1,174Oct 22, 2021Updated 4 years ago
- Transacted Hollowing - a PE injection technique, hybrid between ProcessHollowing and ProcessDoppelgänging☆581Mar 8, 2024Updated last year
- Yet another variant of Process Hollowing☆426Jul 31, 2025Updated 6 months ago
- Obfuscate specific windows apis with different apis☆1,021Feb 21, 2021Updated 4 years ago
- PoC: Rebuild A New Path Back to the Heaven's Gate (HITB 2021)☆109May 27, 2021Updated 4 years ago
- UnhookMe is an universal Windows API resolver & unhooker addressing problem of invoking unmonitored system calls from within of your Red …☆349Jul 3, 2022Updated 3 years ago
- A modified RunPE (process hollowing) technique avoiding the usage of SetThreadContext by appending a TLS section which calls the original…☆97Sep 26, 2019Updated 6 years ago
- AV/EDR evasion via direct system calls.☆1,789Sep 3, 2022Updated 3 years ago
- FreshyCalls tries to make the use of syscalls comfortable and simple, without generating too much boilerplate and in modern C++17!☆357Sep 1, 2022Updated 3 years ago
- An improvement of the original reflective DLL injection technique by Stephen Fewer of Harmony Security☆341Jul 30, 2017Updated 8 years ago
- Inline syscalls made easy for windows on clang☆732Jun 21, 2024Updated last year
- ntdll.h - compatible with MSVC 6.0, Intel C++ Compiler and MinGW. Serves as a complete replacement for Windows.h☆149Jun 16, 2019Updated 6 years ago
- My implementation of enSilo's Process Doppelganging (PE injection technique)☆637Aug 30, 2022Updated 3 years ago
- Heaven's Gate implementation in C for constructing x64 Win32 API call in x86 WoW64 processes.☆80Nov 6, 2021Updated 4 years ago
- A kernel mode Windows rootkit in development.☆49Dec 31, 2021Updated 4 years ago
- Some garbage drivers written for getting started☆66Dec 31, 2019Updated 6 years ago
- Library that allows you to run 64bit code on a Wow64 32bit process☆148May 17, 2017Updated 8 years ago
- It stinks☆105Apr 22, 2022Updated 3 years ago
- NINA: No Injection, No Allocation x64 Process Injection Technique☆227Jun 9, 2020Updated 5 years ago
- Phantom DLL hollowing PoC☆370May 23, 2022Updated 3 years ago
- In-Memory PE Loader☆377Oct 7, 2019Updated 6 years ago
- TartarusGate, Bypassing EDRs☆649Jan 25, 2022Updated 4 years ago
- ☆169Jan 7, 2022Updated 4 years ago
- RefleXXion is a utility designed to aid in bypassing user-mode hooks utilised by AV/EPP/EDR etc. In order to bypass the user-mode hooks, …☆502Jan 25, 2022Updated 4 years ago
- An obfuscation tool for Windows which instruments the Windows Loader into acting as an unpacking engine.☆314Oct 18, 2018Updated 7 years ago
- https://key08.com/index.php/2021/10/19/1375.html☆71May 11, 2022Updated 3 years ago
- c++ implementation of windows heavens gate☆70Feb 12, 2021Updated 5 years ago
- Silence EDRs by removing kernel callbacks☆239Dec 7, 2020Updated 5 years ago
- A Windows kernel-mode rootkit that abuses legitimate communication channels to control a machine.☆723Aug 5, 2020Updated 5 years ago
- Some source code to demonstrate avoiding certain direct syscall detections by locating and JMPing to a legitimate syscall instruction wit…☆218Feb 20, 2023Updated 2 years ago
- X86 version of syswhispers2 / x86 direct system call☆330Jan 28, 2021Updated 5 years ago
- Converts PE into a shellcode☆2,734Aug 30, 2025Updated 5 months ago
- ☆825Dec 28, 2019Updated 6 years ago