hMihaiDavid / addscn
Add an empty section to a PE file
☆53Updated 7 years ago
Alternatives and similar repositories for addscn:
Users that are interested in addscn are comparing it to the libraries listed below
- ☆25Updated 2 years ago
- Bypass UAC by abusing the Security Center CPL and hijacking a shell protocol handler☆28Updated 3 years ago
- A x64 PE Packer/Protector Developed in C++ and VisualStudio☆51Updated last year
- A tool for detecting manual/direct syscalls in x86 and x64 processes using Nirvana Hooks.☆109Updated 3 years ago
- ☆59Updated 2 years ago
- Hook all callbacks which are registered with LdrRegisterDllNotification☆85Updated 2 years ago
- Record & prevent file deletion in kernel mode☆42Updated 4 years ago
- A simple password-based PE encryptor for Windows 32-bit executables.☆51Updated 2 months ago
- Elevate arbitrary MSR writes to kernel execution.☆32Updated last year
- APC DLL Injector with NtQueueApcThread and wake up thread support☆43Updated 7 years ago
- Process Hollowing demonstration & explanation☆35Updated 4 years ago
- A reflexive driver loader to bypass Windows DSE (featuring a custom PE loader)☆42Updated 6 years ago
- Detours implementation (x64/x86) which used only ntdll import☆90Updated 9 months ago
- Dynamically generated obfuscated jumps and/or function calls☆35Updated last year
- An extended proof-of-concept for the CVE-2021-21551 Dell ‘dbutil_2_3.sys’ Kernel Exploit☆24Updated 3 years ago
- Convert PE files to a shellcode☆74Updated 4 years ago
- Load Dll into Kernel space☆38Updated 2 years ago
- Compile-Time Calls Obfuscator for C++14+☆42Updated last year
- An example of how x64 kernel shellcode can dynamically find and use APIs☆104Updated 4 years ago
- Lightweight Portable Executable parsing library and a demo peParser application.☆78Updated 2 years ago
- Library for using direct system calls☆35Updated 2 months ago
- ZwProcessHollowing is a x64 process hollowing project which uses direct systemcalls, dll unhooking and RC4 payload decryption☆83Updated 2 years ago
- Yet another Windows DLL injector.☆38Updated 3 years ago
- A years-old exploit of a local EoP vulnerability in Kingsoft Antivirus KWatch Driver version 2009.3.17.77.☆38Updated 3 years ago
- Call 32bit NtDLL API directly from WoW64 Layer☆60Updated 4 years ago
- Debug Print viewer (user and kernel)☆65Updated last year
- Allows you to find the use of ScyllaHide, if your program will debug and restore hooking functions bytes.☆25Updated 5 years ago
- A multi-staged malware that contains a kernel mode rootkit and a remote system shell.☆72Updated 3 years ago
- Simple PE Packer Which Encrypts .text Section☆51Updated 7 years ago
- Listing UDP connections with remote address without sniffing.☆30Updated last year