goldenscale / GS_GithubMirrorLinks
A Github Mirror List For GS Star Repository
☆22, updated 2 years ago
Alternatives and similar repositories for GS_GithubMirror
Users that are interested in GS_GithubMirror are comparing it to the libraries listed below
- POC Ring3 Windows Rootkit (x86 / x64) - Hide processes and files (☆62, updated 2 years ago)
- Create a new thread that will suspend every thread and encrypt its stack, then go to sleep, then decrypt the stacks and resume thread… (☆166, updated 2 years ago)
- (☆20, updated 2 years ago)
- Windows Kernel Rootkit (☆57, updated 2 months ago)
- Compact MBR Bootkit for Windows (☆52, updated 4 years ago)
- This script is used to unload PsSetCreateProcessNotifyRoutineEx, PsSetCreateProcessNotifyRoutine, PsSetLoadImageNotifyRoutine and PsSetCr… (☆63, updated last year)
- Kernel Mode Driver for Elevating Process Privileges (☆134, updated 2 years ago)
- Uses Threat-Intelligence ETW events to identify shellcode regions being hidden by fluctuating memory protections (☆165, updated 2 years ago)
- NTAPI hook bypass with (semi) legit stack trace (☆18, updated 2 years ago)
- My adventures in learning about different userland malware techniques, such as syscalls, injection, unhooking or sandbox evasion. (☆79, updated 2 years ago)
- Windows API Call Obfuscation (☆112, updated 3 years ago)
- C/C++ Ransomware example using RSA and AES-128 with BCrypt library on Windows (☆19, updated 3 years ago)
- Code used in this post https://captmeelo.com/redteam/maldev/2022/04/21/kernelcallbacktable-injection.html (☆140, updated 3 years ago)
- Stack Spoofing with Synthetic frames based on the work of namazso, SilentMoonWalk, and VulcanRaven (☆252, updated last year)
- ZwProcessHollowing is an x64 process hollowing project which uses direct system calls, DLL unhooking and RC4 payload decryption (☆91, updated 2 years ago)
- Minimalistic HTTP(S) client for the NT kernel (☆61, updated 2 months ago)
- Block any process from opening a HANDLE to your process; only SYSTEM is allowed to open a handle to your process. With that you can avoid remote m… (☆172, updated 2 years ago)
- This program is used to perform reflective DLL Injection to a remote process specified by the user. (☆65, updated 2 years ago)
- A C++/Asm template for PIC/EXE/DLL malware (☆24, updated 5 months ago)
- NtCreateUserProcess with CsrClientCallServer for mainstream Windows x64 version (☆41, updated last year)
- Use hardware breakpoints to spoof the call stack for both syscalls and API calls (☆201, updated last year)
- Admin2Sys is a C++ malware to escalate privileges from an Administrator account to NT AUTHORITY\SYSTEM (☆62, updated 2 years ago)
- Minifilter Callback Patching Proof-of-Concept (☆73, updated 3 years ago)
- A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress. (☆72, updated last year)
- Finding Truth in the Shadows (☆120, updated 3 years ago)
- Kernel-mode DLL Injector (☆125, updated 9 months ago)
- PoC for thread pool based process injection in Windows. (☆120, updated 10 months ago)
- A simple POC to show how to chain multiple callbacks via tail calls to artificially construct a call stack (☆96, updated last month)
- C2 (☆120, updated last month)
- Titan: A crappy Reflective Loader written in C and assembly for Cobalt Strike. Redirects DNS Beacon over DoH (☆69, updated 4 years ago)