danielkrupinski / x86RetSpoof
Invoke functions with a spoofed return address. For 32-bit Windows binaries. Supports __fastcall, __thiscall, __stdcall and __cdecl calling conventions. Written in C++17.
☆168Updated last year
Related projects ⓘ
Alternatives and complementary repositories for x86RetSpoof
- Module extending manual mapper☆309Updated 4 years ago
- The program draws with win32k gdi functions in the kernel while NtGdiDdDDISubmitCommand is being hooked.☆251Updated 4 years ago
- windows syscalls with a single line and a high level of abstraction. has modern cpp20 wrappers and utilities, range-based DLL and export …☆139Updated last week
- Proof of concept on how to bypass some limitations of a manual mapped driver☆164Updated 4 years ago
- 09/2021 reversal of EasyAntiCheat driver☆204Updated 2 years ago
- A kernelmode driver swapping a .data pointer in the kernel to perform communication between the kernel and usermode.☆137Updated 4 years ago
- BattlEye shellcodes tester☆136Updated 2 years ago
- ☆212Updated 2 years ago
- undetected eac mapper☆163Updated 2 years ago
- Memory hacking library powered by AMD SVM☆297Updated last year
- manually map driver for a signed driver memory space☆138Updated 3 years ago
- Emulate Drivers in RING3 with self context mapping or unicorn☆302Updated 2 years ago
- Stealthy UM <-> KM communication system without creating any system threads, permanent hooks, driver objects, section objects or device o…☆360Updated 8 months ago
- Loads a signed kernel driver which allows you to map any driver to kernel mode without any traces of the signed / mapped driver.☆279Updated 3 years ago
- Kernel mode bypass for BattlEye, EAC☆186Updated last year
- An Injector that can inject dll into game process protected by anti cheat using SetWindowsHookEx.☆238Updated 5 years ago
- Using CVE-2021-40449 to manual map kernel mode driver☆99Updated 2 years ago
- get_module, read/write mem, mouse emulation☆301Updated 4 years ago
- csgo external running from kernelmode☆103Updated last year
- Kernel mode driver for reading/writing process memory. C/Win32.☆278Updated 6 years ago
- Windows kernel samples☆247Updated 5 years ago
- ☆139Updated 3 years ago
- ☆121Updated 2 years ago
- Hooking kernel functions by abusing alignment☆238Updated 3 years ago
- Drawing from kernelmode without any hooks☆159Updated 2 years ago
- A mapper that maps shellcode into loaded large page drivers☆229Updated 2 years ago
- ☆177Updated 2 years ago
- Manual mapper that uses PTE manipulation, Virtual Address Descriptor (VAD) manipulation, and forceful memory allocation to hide executabl…☆290Updated 2 years ago
- A mini anti-anti debug hooking library for Windows.☆103Updated 3 years ago