hMihaiDavid / addscnView external linksLinks
Add an empty section to a PE file
☆53Aug 8, 2017Updated 8 years ago
Alternatives and similar repositories for addscn
Users that are interested in addscn are comparing it to the libraries listed below
Sorting:
- impersonate trustedinstaller by fiddling with tokens☆17Aug 30, 2021Updated 4 years ago
- A flexible tool that creates a minidump of the LSASS process☆14Jan 18, 2022Updated 4 years ago
- Windows RPC example calling stubs generated from MS-LSAT and MS-LSAD☆28Jan 4, 2024Updated 2 years ago
- Bypass UAC elevation on Windows 8 (build 9600) & above.☆57Feb 2, 2026Updated last week
- This PoC uses two diferent technics for stealing the primary token from all running processes, showing that is possible to impersonate a…☆57Nov 4, 2021Updated 4 years ago
- ☆26Sep 29, 2022Updated 3 years ago
- Crossplatform tool for inject shellcode into .exe and .dll binaries (x86 and x64)☆75Dec 22, 2025Updated last month
- Section Mapping Process Injection modified with SysWhisper2 (sw2-secinject): Cobalt Strike BOF☆44Jun 23, 2022Updated 3 years ago
- A small PoC using DInvoke, dynamically mapping a DLL and executing Win32 APIs for process injection.☆10Dec 16, 2021Updated 4 years ago
- Encrypting and decrypting files with AES or RC4 on Microsoft Windows☆37Apr 6, 2014Updated 11 years ago
- It stinks☆105Apr 22, 2022Updated 3 years ago
- https://key08.com/index.php/2021/10/19/1375.html☆71May 11, 2022Updated 3 years ago
- A kernel mode Windows rootkit in development.☆49Dec 31, 2021Updated 4 years ago
- C code to enable ETW tracing for Dotnet Assemblies☆32Aug 12, 2022Updated 3 years ago
- Disable threat tracing from the kernel..☆13Apr 8, 2022Updated 3 years ago
- improving zerosums smbdoor - a silent remote backdoor which abuses undoc. APIs in srvnet.sys☆49Mar 10, 2023Updated 2 years ago
- Hijack NotifyRoutine for a kernelmode thread☆41Jun 4, 2022Updated 3 years ago
- POC for frustrating/defeating Malware Analysts☆158Jun 12, 2022Updated 3 years ago
- Walks through the 4-level paging structures in Windows x64☆13Feb 12, 2023Updated 3 years ago
- Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods☆14Sep 30, 2022Updated 3 years ago
- ☆24Apr 12, 2022Updated 3 years ago
- ☆504Aug 14, 2022Updated 3 years ago
- A reflexive driver loader to bypass Windows DSE (featuring a custom PE loader)☆43Sep 1, 2018Updated 7 years ago
- Get your data from the resource section manually, with no need for windows apis☆67Oct 22, 2024Updated last year
- Read Memory without ReadProcessMemory for Current Process☆89Feb 13, 2022Updated 4 years ago
- ☆26Dec 29, 2021Updated 4 years ago
- Allows you to find the use of ScyllaHide, if your program will debug and restore hooking functions bytes.☆26Aug 3, 2019Updated 6 years ago
- Abusing exceptions for code execution.☆113Jan 30, 2023Updated 3 years ago
- x86 PE Mutator☆232Dec 24, 2022Updated 3 years ago
- Execute a payload at each right click on a file/folder in the explorer menu for persistence☆176Mar 15, 2023Updated 2 years ago
- Windows Kernel Programming Experiments☆84Sep 18, 2022Updated 3 years ago
- Single stub direct and indirect syscalling with runtime SSN resolving for windows.☆138Sep 12, 2022Updated 3 years ago
- Hook NtDeviceIoControlFile with PatchGuard☆107May 10, 2022Updated 3 years ago
- PDF Icon File Type Spoofer☆17Jul 8, 2024Updated last year
- shadow tls client☆14Dec 30, 2022Updated 3 years ago
- A PoC implementation for spoofing arbitrary call stacks when making sys calls (e.g. grabbing a handle via NtOpenProcess)☆549Apr 8, 2025Updated 10 months ago
- Minifilter Callback Patching Proof-of-Concept☆73Oct 31, 2022Updated 3 years ago
- Windows API Call Obfuscation☆112Dec 9, 2022Updated 3 years ago
- A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles.☆66May 2, 2023Updated 2 years ago