hMihaiDavid / addscn

Related projects ⓘ

Alternatives and complementary repositories for addscn

• ytk2128 / pe32-password
  Sample project that encrypts windows 32-bit executables with password
  ☆52Updated 2 years ago
• uvbs / NT-APC-Injector
  APC DLL Injector with NtQueueApcThread and wake up thread support
  ☆44Updated 7 years ago
• 0mWindyBug / MinifilterHook
  silence file system monitoring components by hooking their minifilters
  ☆51Updated 9 months ago
• je5442804 / CreateProcessInternalW-Full
  Reimplement CreateProcessInternalW via Windows 10 20H1+/Windows 11 Base on NtCreateUserProcess-Post
  ☆47Updated 2 months ago
• m417z / LdrDllNotificationHook
  Hook all callbacks which are registered with LdrRegisterDllNotification
  ☆83Updated last year
• TheAenema / hm-pe-packer
  A x64 PE Packer/Protector Developed in C++ and VisualStudio
  ☆50Updated last year
• rbmm / NtDetours
  Detours implementation (x64/x86) which used only ntdll import
  ☆88Updated 5 months ago
• bb107 / RtlWow64
  c++ implementation of windows heavens gate
  ☆55Updated 3 years ago
• Flawww / ObfuscatedJumpGenerator
  Dynamically generated obfuscated jumps and/or function calls
  ☆33Updated last year
• ntoskrnl7 / ldk
  Load Dll into Kernel space
  ☆38Updated 2 years ago
• idiotc4t / Mapping-injection
  NO WriteProcessMemory CreateRemoteThread APIs call shellcode injection
  ☆28Updated 4 years ago
• rad9800 / VehApiResolve
  ☆98Updated 2 years ago
• therealdreg / windbgtocstruct
  Helper Script to convert a Windbg dumped structure (using the 'dt' command) into a C structure. It creates dummy structs for you if neede…
  ☆26Updated last year
• alfarom256 / drivers_and_shit
  ☆57Updated 2 years ago
• SweetIceLolly / Prevent_File_Deletion
  Record & prevent file deletion in kernel mode
  ☆40Updated 4 years ago
• hid3rx / GhostWriting
  ☆22Updated last year
• hoangprod / DanSpecial
  Weaponizing Gigabyte driver for priv escalation and bypass PPL
  ☆68Updated 5 years ago
• st4ckh0und / hook-buster
  A compact tool for detecting AV/EDR hooks in default Windows libraries.
  ☆29Updated 2 years ago
• jnastarot / cleancall
  Library for using direct system calls
  ☆35Updated 4 years ago
• 1hAck-0 / zeroimport
  ZeroImport is a lightweight and easy to use C++ library for Windows Kernel Drivers. It allows you to hide any import in your kernel drive…
  ☆46Updated last year
• worawit / malk
  Demonstrate calling a kernel function and handle process creation callback against HVCI
  ☆48Updated last year
• Rhydon1337 / windows-kernel-file-delete
  Force a file delete using a windows kernel driver
  ☆61Updated 2 years ago
• hasherezade / libpeconv_tpl
  A ready-made template for a project based on libpeconv.
  ☆41Updated last month
• xenoscr / manual-syscall-detect
  A tool for detecting manual/direct syscalls in x86 and x64 processes using Nirvana Hooks.
  ☆105Updated 2 years ago
• therealdreg / cgaty
  Hooking the GDT - Installing a Call Gate. POC for Rootkit Arsenal Book Second Edition (version 2022)
  ☆69Updated last year
• zodiacon / winnativeapibooksamples
  Samples from my book Windows Native API programming
  ☆57Updated 4 months ago
• kkent030315 / NtSymbol
  Resolve DOS MZ executable symbols at runtime
  ☆93Updated 3 years ago
• splunk / PPLinject
  Inject unsigned DLL into Protected Process Light (PPL)
  ☆13Updated last year
• SamLarenN / PePacker
  Simple PE Packer Which Encrypts .text Section
  ☆49Updated 7 years ago