h4xu3lyn / NTLibLinks
Headers for linking your software with ntdll.dll
☆15Updated 4 years ago
Alternatives and similar repositories for NTLib
Users that are interested in NTLib are comparing it to the libraries listed below
Sorting:
- Static library and headers for linking your software with ntdll.dll☆32Updated 5 years ago
- Library for using direct system calls☆35Updated 4 months ago
- Simple library to handle PE files loading, relocating, get/set data, ..., in addition to process handling☆33Updated 5 years ago
- .lib file for linking against the NT CRT☆19Updated 3 years ago
- A POC for Windows Extension Host hooking☆22Updated 5 years ago
- Dumps information about all the callback objects found in a dump file and the functions registered for them☆36Updated 4 years ago
- Shellcode injection using debugging APIs☆19Updated 11 years ago
- Dump PDB Symbols including support for Bochs Debugging Format (with wine support)☆15Updated last year
- Helper Script to convert a Windbg dumped structure (using the 'dt' command) into a C structure. It creates dummy structs for you if neede…☆26Updated last year
- win32/x64 obfuscate framework☆32Updated 6 years ago
- Windows x64 Process Scanner to detect application compatability shims☆37Updated 6 years ago
- Data and structures regarding the research done on WdFilter☆12Updated 5 years ago
- A working version of this tutorial: https://docs.microsoft.com/en-us/windows/desktop/rpc/tutorial☆16Updated 5 years ago
- hooking KiUserApcDispatcher☆24Updated 8 years ago
- ☆20Updated 5 years ago
- Code Integrity Violation Spotter☆16Updated last year
- Class implementation of PowerLoader injection technique☆31Updated 8 years ago
- Windbg extension that allows you analyze Control Flow Guard map☆35Updated 3 years ago
- vmware-backdoor☆33Updated 3 years ago
- Panda - is a set of utilities used to research how PsExec encrypts its traffic.☆12Updated 4 years ago
- Simple PE packer with RtlCompressBuffer☆21Updated 9 years ago
- XOrCryptEx lightweight C Utility/Algorithm☆11Updated 3 years ago
- Walks the Process' VAD list to grab the PTE's corresponding to a usermode virtual address, all to get the physical address☆24Updated 3 years ago
- ☆34Updated 7 years ago
- ☆21Updated 4 years ago
- An example of PE hollowing injection technique☆23Updated 5 years ago
- WinXPSP2.Cermalus on stereoids, supporting all 32 bits Windows version. Windows Kernel Virus stuff for noobs☆18Updated last year
- Kernel mode windows NT API logger☆22Updated 5 years ago
- Reflective DLL Injection style process infector☆20Updated 6 years ago
- ☆22Updated 4 years ago