danielkrupinski/x86RetSpoof external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

danielkrupinski/x86RetSpoof

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/danielkrupinski/x86RetSpoof)

Close

danielkrupinski / x86RetSpoofView on GitHubMore

• External links
• Readme badge

Invoke functions with a spoofed return address. For 32-bit Windows binaries. Supports __fastcall, __thiscall, __stdcall and __cdecl calling conventions. Written in C++17.

☆175Feb 17, 2023Updated 3 years ago

Alternatives and similar repositories for x86RetSpoof

Users that are interested in x86RetSpoof are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• lennyRBLX / ret_addr_spoofer

  View on GitHub
  Compileable POC of namazso's x64 return address spoofer.
  ☆50Jun 10, 2020Updated 5 years ago
• waryas / KACE

  View on GitHub
  Emulate Drivers in RING3 with self context mapping or unicorn
  ☆366Aug 18, 2022Updated 3 years ago
• Barracudach / CallStack-Spoofer

  View on GitHub
  This tool will allow you to spoof the return addresses of your functions as well as system functions.
  ☆556Nov 12, 2022Updated 3 years ago
• Darkratos / Spoofed-Call

  View on GitHub
  A wrapper class to hide the original calling address of a function
  ☆55Aug 9, 2020Updated 5 years ago
• Astronaut00 / DoubleDataPointer

  View on GitHub
  Allows you to communicate with the kernel mode to manipulate memory in a stealthy way to avoid kernel anticheats.
  ☆172May 8, 2022Updated 3 years ago
• Virtual machines for every use case on DigitalOcean • Ad
  Get dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
• POPFD / HypervisorBase

  View on GitHub
  A library for intel VT-x hypervisor functionality supporting EPT shadowing.
  ☆51Mar 11, 2021Updated 5 years ago
• estimated1337 / hidden_syscall

  View on GitHub
  hidden_syscall - syscaller without using syscall instruction in code
  ☆68Jan 23, 2023Updated 3 years ago
• mike1k / perses

  View on GitHub
  X86 Mutation Engine with Portable Executable compatibility.
  ☆536May 24, 2022Updated 3 years ago
• SDXT / MMInject

  View on GitHub
  Kernel DLL Injector using NX Bit Swapping and VAD hide for hiding injected DLL
  ☆219Nov 12, 2020Updated 5 years ago
• dnz-c / proxyproc

  View on GitHub
  read / write memory from a proxy process by injecting shellcode
  ☆20Dec 23, 2025Updated 3 months ago
• KANKOSHEV / Detect-HiddenThread-via-KPRCB

  View on GitHub
  Detect removed thread from PspCidTable.
  ☆75Mar 18, 2022Updated 4 years ago
• SamuelTulach / meme-rw

  View on GitHub
  Archive R/W into any protected process by changing the value of KTHREAD->PreviousMode
  ☆162Jul 31, 2022Updated 3 years ago
• jonomango / nohv

  View on GitHub
  Kernel driver for detecting Intel VT-x hypervisors.
  ☆202Jul 11, 2023Updated 2 years ago
• Deputation / hygieia

  View on GitHub
  Hygieia, a vulnerable driver traces scanner written in C++ as an x64 Windows kernel driver.
  ☆151Feb 12, 2022Updated 4 years ago
• Proton VPN Special Offer - Get 70% off • Ad
  Special partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
• 1401199262 / Hook-KdTrap

  View on GitHub
  ☆225Mar 11, 2023Updated 3 years ago
• armasm / EasyAntiPatchGuard

  View on GitHub
  Easy Anti PatchGuard
  ☆222Apr 9, 2021Updated 4 years ago
• thesecretclub / window_hijack

  View on GitHub
  Rendering on external windows via hijacking thread contexts
  ☆406Jun 28, 2020Updated 5 years ago
• Zpes / syscall-direct

  View on GitHub
  ☆36Mar 27, 2022Updated 4 years ago
• gmh5225 / CallMeWin32kDriver

  View on GitHub
  Load your driver like win32k.sys
  ☆258Aug 20, 2022Updated 3 years ago
• zyhp / vac3_inhibitor

  View on GitHub
  VAC3 (Valve Anti-Cheat) disabler/inhibitor/bypass
  ☆340Mar 2, 2023Updated 3 years ago
• danielkrupinski / StringPool

  View on GitHub
  A performant and memory efficient storage for immutable strings with C++17. Supports all standard char types: char, wchar_t, char16_t, ch…
  ☆59May 2, 2022Updated 3 years ago
• EBalloon / MapPage

  View on GitHub
  Mapping your code on a 0x1000 size page
  ☆71May 20, 2022Updated 3 years ago
• KANKOSHEV / Detect-MouseClassServiceCallback

  View on GitHub
  mouseclassservicecallback detection via hook
  ☆54Feb 7, 2022Updated 4 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
• FiYHer / InfinityHookPro

  View on GitHub
  InfinityHookPro Win7 -> Win11 latest
  ☆553Feb 7, 2023Updated 3 years ago
• btbd / smap

  View on GitHub
  DLL scatter manual mapper
  ☆813Apr 10, 2021Updated 4 years ago
• crvvdev / intraceptor

  View on GitHub
  Intraceptor intercept Windows NT API calls and redirect them to a kernel driver to bypass process/threads handle protections.
  ☆31May 18, 2022Updated 3 years ago
• ekknod / Nmi

  View on GitHub
  Old way for blocking NMI interrupts
  ☆29Sep 6, 2022Updated 3 years ago
• sondernextdoor / Poseidon

  View on GitHub
  Stealthy UM <-> KM communication system without creating any system threads, permanent hooks, driver objects, section objects or device o…
  ☆381Mar 15, 2024Updated 2 years ago
• EBalloon / Rw-No-Attach

  View on GitHub
  ☆158May 21, 2024Updated last year
• wallds / NoVmpy

  View on GitHub
  ☆429Jan 1, 2025Updated last year
• mike1k / HookHunter

  View on GitHub
  Analyze patches in a process
  ☆261Jul 28, 2021Updated 4 years ago
• anzelesnik / SyscallHook

  View on GitHub
  System call hook for Windows 10 20H1
  ☆495Jun 26, 2021Updated 4 years ago
• Proton VPN Special Offer - Get 70% off • Ad
  Special partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
• ekknod / acdrv

  View on GitHub
  base for testing
  ☆188Sep 28, 2024Updated last year
• lennyRBLX / manual_exception_handling

  View on GitHub
  Handling C++ & __try exceptions without the need of built-in handlers.
  ☆77Aug 28, 2021Updated 4 years ago
• JustasMasiulis / inline_syscall

  View on GitHub
  Inline syscalls made easy for windows on clang
  ☆736Jun 21, 2024Updated last year
• ekknod / MouseClassServiceCallbackTrick

  View on GitHub
  ☆64Sep 28, 2022Updated 3 years ago
• SamuelTulach / DirectPageManipulation

  View on GitHub
  A basic demonstration of directly overwriting paging structures for physical memory r/w and interprocess memory copy
  ☆103Jun 26, 2023Updated 2 years ago
• boom-cr3 / NotifyRoutineHijackThread

  View on GitHub
  Hijack NotifyRoutine for a kernelmode thread
  ☆41Jun 4, 2022Updated 3 years ago
• KANKOSHEV / Detect-KeAttachProcess

  View on GitHub
  Detect-KeAttachProcess by iterating through all processes as well as checking the context of the thread.
  ☆121Feb 8, 2022Updated 4 years ago