edix / MyTerminateProcess
Terminates a process by using DuplicateHandle and DUPLICATE_CLOSE_SOURCE flag.
☆9Updated 10 years ago
Related projects: ⓘ
- Simple PE packer with RtlCompressBuffer☆21Updated 8 years ago
- Helper utility for debugging windows PE/PE+ loader.☆49Updated 9 years ago
- Decrement Windows Kernel for fun and profit☆38Updated 6 years ago
- Kernel-mode file scanner☆17Updated 6 years ago
- just an lite AntiRootkit for interesting☆23Updated 8 years ago
- DirectNtApi - simple method to make ntapi function call without importing or walking export table. Work under Windows 7, 8 and 10☆49Updated 6 months ago
- Open Source Libraries Collection☆24Updated 8 years ago
- Obtain remote process cookies by performing a brute-force attack on ntdll.RtlDecodePointer using known pointer encodings.☆21Updated 7 years ago
- ☆14Updated 7 years ago
- windows create process with a dll load first time via LdrHook☆30Updated 7 years ago
- Bypass for the hardening against usage of tagWnd as a kernel read/write primitive☆25Updated 7 years ago
- ☆11Updated this week
- OpenHIPS prevents exploitation of Windows systems☆33Updated 11 years ago
- a binary x86win32 code obfuscator using virtual machine☆32Updated 7 years ago
- Windows 10 UAC bypass PoC using LaunchInfSection☆34Updated 6 years ago
- ☆31Updated this week
- User-mode process cross-checking utility intended to detect naive malware hiding itself by hooking IAT/EAT.☆18Updated 8 years ago
- Native Development Kit for Vista 64bit And Later, by me, Based on NDK Headers 1.0, by Alex Ionescu☆16Updated 8 years ago
- A simple native code virtualizer for 32-bit Windows PE☆14Updated 8 years ago
- A demo implementation of a well-known technique used by some malware to evade userland hooking, using my library: libpeconv.☆19Updated 6 years ago
- ☆14Updated 7 years ago
- reverse win7 32bit hotpatch implement☆9Updated 10 years ago
- ☆28Updated 9 years ago
- ☆33Updated 6 years ago
- The project is a demo solution for one of the anti-rootkit techniques aimed on overcoming splicers☆34Updated 7 years ago
- A WinDbg theme☆10Updated 2 years ago
- WhoCalls can query a directory of files, find the binaries, and search for a user specified Win API import. It and works with both 32-bit…☆17Updated 2 years ago
- CVE-2014-0816☆24Updated 7 years ago
- ☆25Updated this week
- Headers for linking your software with ntdll.dll☆15Updated 3 years ago