dr-anoroc / rawccopyLinks
Command line utility for copying files on NTFS using low level disk access
☆36Updated last year
Alternatives and similar repositories for rawccopy
Users that are interested in rawccopy are comparing it to the libraries listed below
Sorting:
- Runs programs as TrustedInstaller☆49Updated 6 years ago
- Sysmon shenanigans☆66Updated 4 years ago
- Small visualizator for PE files☆69Updated last year
- A modified RunPE (process hollowing) technique avoiding the usage of SetThreadContext by appending a TLS section which calls the original…☆97Updated 5 years ago
- Detours implementation (x64/x86) which used only ntdll import☆90Updated last year
- A Practical example of ELAM (Early Launch Anti-Malware)☆35Updated 3 years ago
- Weaponizing Gigabyte driver for priv escalation and bypass PPL☆68Updated 6 years ago
- The Console Monitor Driver is a KMDF kernel-mode filter driver that captures certain Fast I/O operations (input and output) that is sent …☆39Updated 2 years ago
- Enumerate various traits from Windows processes as an aid to threat hunting☆187Updated 3 years ago
- ☆82Updated 11 months ago
- GarbageMan is a set of tools for analyzing .NET binaries through heap analysis.☆116Updated 2 years ago
- ☆82Updated 3 years ago
- Run Processes as PPL with ELAM☆166Updated 3 years ago
- A novel technique to communicate between threads using the standard ETHREAD structure☆113Updated 4 years ago
- ☆25Updated 2 years ago
- ☆70Updated 5 months ago
- A simple PoC to demonstrate that is possible to write Non writable memory and execute Non executable memory on Windows☆53Updated 4 years ago
- ☆71Updated 2 years ago
- Herpaderply Hollowing - a PE injection technique, hybrid between Process Hollowing and Process Herpaderping☆62Updated 2 years ago
- Windows kernel PDB data parsed into YAML☆38Updated 8 months ago
- Enabled / Disable LSA Protection via BYOVD☆73Updated 3 years ago
- A ready-made template for a project based on libpeconv.☆49Updated 5 months ago
- An x64dbg plugin which marks XFG call signatures as data☆77Updated 2 years ago
- A small library helping to parse commandline parameters (for C/C++)☆57Updated 2 months ago
- ☆111Updated 2 years ago
- VBScript & VBA source-to-source deobfuscator with partial-evaluation☆80Updated 11 months ago
- Winbindex bot to pull in binaries for specific releases☆48Updated last year
- Titan: A crappy Reflective Loader written in C and assembly for Cobalt Strike. Redirects DNS Beacon over DoH☆54Updated 3 years ago
- API Set Viewer☆91Updated 6 months ago
- A Bumblebee-inspired Crypter☆79Updated 2 years ago