helloobaby/spoofcall external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

helloobaby/spoofcall

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/helloobaby/spoofcall)

Close

helloobaby / spoofcallView on GitHubMore

• External links
• Readme badge

spoof return address

☆81Apr 28, 2023Updated 3 years ago

Alternatives and similar repositories for spoofcall

Users that are interested in spoofcall are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• AlSch092 / ModifyExports

  View on GitHub
  Research of modifying exported function names at runtime (C/C++, Windows)
  ☆18May 28, 2024Updated last year
• wbaby / DoubleCallBack

  View on GitHub
  ☆186May 20, 2022Updated 3 years ago
• XaFF-XaFF / ZwProcessHollowing

  View on GitHub
  ZwProcessHollowing is a x64 process hollowing project which uses direct systemcalls, dll unhooking and RC4 payload decryption
  ☆94Mar 23, 2023Updated 3 years ago
• VirtualAlllocEx / Create_Thread_Inline_Assembly_x86

  View on GitHub
  This POC provides the possibilty to execute x86 shellcode in form of a .bin file based on x86 inline assembly
  ☆20Apr 17, 2023Updated 3 years ago
• passthehashbrowns / VectoredExceptionHandling

  View on GitHub
  ☆108Aug 21, 2024Updated last year
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• SaadAhla / BlockOpenHandle

  View on GitHub
  Block any Process to open HANDLE to your process , only SYTEM is allowed to open handle to your process ,with that you can avoid remote m…
  ☆174Apr 27, 2023Updated 3 years ago
• WithSecureLabs / CallStackSpoofer

  View on GitHub
  A PoC implementation for spoofing arbitrary call stacks when making sys calls (e.g. grabbing a handle via NtOpenProcess)
  ☆566Apr 8, 2025Updated last year
• 1401199262 / Hook-KdTrap

  View on GitHub
  ☆225Mar 11, 2023Updated 3 years ago
• cs1ime / KernelDwm

  View on GitHub
  Kernel dwm render
  ☆171Oct 10, 2023Updated 2 years ago
• skadro-official / skCrypter

  View on GitHub
  Compile-time, Usermode + Kernelmode, safe and lightweight string crypter library for C++11+
  ☆830Jun 3, 2021Updated 4 years ago
• Barracudach / CallStack-Spoofer

  View on GitHub
  This tool will allow you to spoof the return addresses of your functions as well as system functions.
  ☆562Nov 12, 2022Updated 3 years ago
• x0reaxeax / rwlazer64

  View on GitHub
  Win64 UEFI Driver-based tool for unrestricted memory R/W
  ☆30Feb 8, 2022Updated 4 years ago
• Cracked5pider / CodeCave

  View on GitHub
  A bunch of scripts and code i wrote.
  ☆149Nov 7, 2024Updated last year
• 0x00Check / ExploitLeakedHandle

  View on GitHub
  Identify and exploit leaked handles for local privilege escalation.
  ☆112Jun 19, 2023Updated 2 years ago
• Proton VPN Special Offer - Get 70% off • Ad
  Special partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
• xalicex / Killers

  View on GitHub
  Exploitation of process killer drivers
  ☆204Oct 17, 2023Updated 2 years ago
• Ap3x / COFF-Loader

  View on GitHub
  A reimplementation of Cobalt Strike's Beacon Object File (BOF) Loader
  ☆71Mar 6, 2026Updated last month
• Ethicalrat / Evasive-Loader

  View on GitHub
  Evasive loader to bypass static detection
  ☆60Jan 15, 2024Updated 2 years ago
• nbs32k / inline-syscall

  View on GitHub
  Inline syscalls made for MSVC supporting x64 and WOW64
  ☆193Jul 10, 2023Updated 2 years ago
• susMdT / effective-waffle

  View on GitHub
  yet another sleep encryption thing. also used the default github repo name for this one.
  ☆69May 11, 2023Updated 2 years ago
• rbmm / RtlClone

  View on GitHub
  ☆43Feb 18, 2025Updated last year
• Crypt0s / Ekko_CFG_Bypass

  View on GitHub
  A PoC for adding NtContinue to CFG allowed list in order to make Ekko work in a CFG protected process
  ☆116Aug 29, 2022Updated 3 years ago
• githubesson / chrome_abe_poc

  View on GitHub
  golang decryption poc of the new app bound encryption introduced in chrome version 127.
  ☆22Nov 4, 2024Updated last year
• XaFF-XaFF / Kernel-Process-Hollowing

  View on GitHub
  Windows x64 kernel mode rootkit process hollowing POC.
  ☆191Jun 30, 2023Updated 2 years ago
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• SaadAhla / HeapCrypt

  View on GitHub
  Encypting the Heap while sleeping by hooking and modifying Sleep with our own sleep that encrypts the heap
  ☆248Aug 2, 2023Updated 2 years ago
• fortra / hw-call-stack

  View on GitHub
  Use hardware breakpoints to spoof the call stack for both syscalls and API calls
  ☆203Jun 6, 2024Updated last year
• xct / SeManageVolumeAbuse

  View on GitHub
  SeManageVolumePrivilege to SYSTEM
  ☆150Nov 22, 2023Updated 2 years ago
• itm4n / PPLrevenant

  View on GitHub
  Bypass LSA protection using the BYODLL technique
  ☆178Sep 21, 2024Updated last year
• xct / CVE-2024-27460

  View on GitHub
  Plantronics Desktop Hub LPE
  ☆37May 15, 2024Updated last year
• cutecatsandvirtualmachines / SKLib

  View on GitHub
  Standard Kernel Library for Windows manipulation in C++
  ☆206Jun 18, 2025Updated 10 months ago
• GetRektBoy724 / DCMB

  View on GitHub
  Dont Call Me Back - Dynamic kernel callback resolver. Scan kernel callbacks in your system in a matter of seconds!
  ☆251Jul 9, 2024Updated last year
• dmcxblue / NtCreateUserProcessBOF

  View on GitHub
  An Aggressor Script that utilizes NtCreateUserProcess to run binaries
  ☆31Jan 30, 2025Updated last year
• x0reaxeax / SyscallHookBypass

  View on GitHub
  NTAPI hook bypass with (semi) legit stack trace
  ☆19May 9, 2023Updated 2 years ago
• Proton VPN Special Offer - Get 70% off • Ad
  Special partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
• fin3ss3g0d / NativeThreadpool

  View on GitHub
  Work, timer, and wait callback example using solely Native Windows APIs.
  ☆89Feb 11, 2024Updated 2 years ago
• YOLOP0wn / EchoDrv

  View on GitHub
  Exploitation of echo_driver.sys
  ☆170Sep 16, 2023Updated 2 years ago
• ranni0225 / WRK

  View on GitHub
  Windows Research Kernel
  ☆37Sep 22, 2025Updated 7 months ago
• komimoe / arkCrypter

  View on GitHub
  Compile-time + Lifetime, Usermode + Kernelmode, safe and lightweight string crypter library for C++17+, based on skCrypter
  ☆20Jan 17, 2026Updated 3 months ago
• WKL-Sec / Winsocky

  View on GitHub
  Winsocket for Cobalt Strike.
  ☆105Jul 6, 2023Updated 2 years ago
• florylsk / NtRemoteLoad

  View on GitHub
  Remote Shellcode Injector
  ☆221Aug 27, 2023Updated 2 years ago
• J0xna / il2cpp-external-library

  View on GitHub
  ☆24Sep 17, 2023Updated 2 years ago