dearfuture / WindowsHack
☆16Updated 5 years ago
Related projects: ⓘ
- Fixed memory overflow issue in ProcessHider.☆16Updated 6 years ago
- 几个UAC Bypass的方法☆12Updated 6 years ago
- ☆38Updated this week
- ☆26Updated 5 years ago
- ☆26Updated 7 years ago
- windows inlinehook R3 R0☆11Updated 6 years ago
- PEBFake(修改PEB 伪装当前进程路径、参数等)☆49Updated 3 years ago
- 绕过卡巴斯基主动防御,加载驱动,unhook所有ssdt hook及shadow ssdt hook☆36Updated 8 years ago
- x86/x64 dll injector☆28Updated 2 years ago
- 粗暴地枚举管理内核的WFP对象。 Manage kernel WFPs in a brutal way.☆26Updated 6 years ago
- map driver to memory☆25Updated 6 years ago
- windows rpc 使用MIDL+RPC实现HelloWorld☆20Updated 6 years ago
- windows 黑客技术编程技术详解配套的代码资源☆14Updated 4 years ago
- 驱动层拦截web访问源码☆29Updated 6 years ago
- For Example. See Miro's Blog☆29Updated last year
- Open-source EDR kernel-component for system monitoring and DLL injection☆30Updated 3 years ago
- 无模块注入工程 VS2008☆11Updated 6 years ago
- 编译时混淆字符串,以确保生成的二进制PE不会暴漏明文字符串。(C++ 14 及以上)☆23Updated 2 years ago
- ☆18Updated 6 years ago
- 一个早期的抗启发式查杀的WIN32免杀壳☆44Updated 11 years ago
- Easily hook WIN32 x64 functions☆17Updated 3 years ago
- Enumerate the DLLs/Modules using NtQueryVirtualMemory☆33Updated 9 years ago
- Basic Injector running on x64 machines that is able to load into x64 AND x86 processes☆20Updated 5 years ago
- Map memory to user space and manipulate user memory, using capmon☆23Updated 5 years ago
- 以shellcode注入其它驱动执行,躲避驱动签名检测,曾pubg项目中使用,,,当然现在,,,☆28Updated last year
- ☆39Updated 4 years ago
- ☆24Updated this week
- x64 Kernel Hooks Detection☆24Updated 7 years ago
- Protected Process Light Library☆18Updated 4 years ago
- 卓然主动防御源码(可执行文件+完整源码+完整作品报告)☆14Updated 5 years ago