helloobaby/spoofcall external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

helloobaby/spoofcall

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/helloobaby/spoofcall)

Close

helloobaby / spoofcallView on GitHubMore

• External links
• Readme badge

spoof return address

☆82Apr 28, 2023Updated 3 years ago

Alternatives and similar repositories for spoofcall

Users that are interested in spoofcall are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• AlSch092 / ModifyExports

  View on GitHub
  Research of modifying exported function names at runtime (C/C++, Windows)
  ☆18May 28, 2024Updated last year
• wbaby / DoubleCallBack

  View on GitHub
  ☆186May 20, 2022Updated 4 years ago
• XaFF-XaFF / ZwProcessHollowing

  View on GitHub
  ZwProcessHollowing is a x64 process hollowing project which uses direct systemcalls, dll unhooking and RC4 payload decryption
  ☆94Mar 23, 2023Updated 3 years ago
• VirtualAlllocEx / Create_Thread_Inline_Assembly_x86

  View on GitHub
  This POC provides the possibilty to execute x86 shellcode in form of a .bin file based on x86 inline assembly
  ☆20Apr 17, 2023Updated 3 years ago
• passthehashbrowns / VectoredExceptionHandling

  View on GitHub
  ☆109Aug 21, 2024Updated last year
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• SaadAhla / BlockOpenHandle

  View on GitHub
  Block any Process to open HANDLE to your process , only SYTEM is allowed to open handle to your process ,with that you can avoid remote m…
  ☆174Apr 27, 2023Updated 3 years ago
• WithSecureLabs / CallStackSpoofer

  View on GitHub
  A PoC implementation for spoofing arbitrary call stacks when making sys calls (e.g. grabbing a handle via NtOpenProcess)
  ☆573Apr 8, 2025Updated last year
• cs1ime / KernelDwm

  View on GitHub
  Kernel dwm render
  ☆172Oct 10, 2023Updated 2 years ago
• 1401199262 / Hook-KdTrap

  View on GitHub
  ☆228Mar 11, 2023Updated 3 years ago
• skadro-official / skCrypter

  View on GitHub
  Compile-time, Usermode + Kernelmode, safe and lightweight string crypter library for C++11+
  ☆826Jun 3, 2021Updated 4 years ago
• Barracudach / CallStack-Spoofer

  View on GitHub
  This tool will allow you to spoof the return addresses of your functions as well as system functions.
  ☆570Nov 12, 2022Updated 3 years ago
• x0reaxeax / rwlazer64

  View on GitHub
  Win64 UEFI Driver-based tool for unrestricted memory R/W
  ☆30Feb 8, 2022Updated 4 years ago
• Cracked5pider / CodeCave

  View on GitHub
  A bunch of scripts and code i wrote.
  ☆150Nov 7, 2024Updated last year
• 0x00Check / ExploitLeakedHandle

  View on GitHub
  Identify and exploit leaked handles for local privilege escalation.
  ☆112Jun 19, 2023Updated 2 years ago
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• xalicex / Killers

  View on GitHub
  Exploitation of process killer drivers
  ☆205Oct 17, 2023Updated 2 years ago
• Ap3x / COFF-Loader

  View on GitHub
  A reimplementation of Cobalt Strike's Beacon Object File (BOF) Loader
  ☆71Mar 6, 2026Updated 2 months ago
• Ethicalrat / Evasive-Loader

  View on GitHub
  Evasive loader to bypass static detection
  ☆60Jan 15, 2024Updated 2 years ago
• nbs32k / inline-syscall

  View on GitHub
  Inline syscalls made for MSVC supporting x64 and WOW64
  ☆192Jul 10, 2023Updated 2 years ago
• susMdT / effective-waffle

  View on GitHub
  yet another sleep encryption thing. also used the default github repo name for this one.
  ☆69May 11, 2023Updated 3 years ago
• rbmm / RtlClone

  View on GitHub
  ☆43Feb 18, 2025Updated last year
• Crypt0s / Ekko_CFG_Bypass

  View on GitHub
  A PoC for adding NtContinue to CFG allowed list in order to make Ekko work in a CFG protected process
  ☆116Aug 29, 2022Updated 3 years ago
• githubesson / chrome_abe_poc

  View on GitHub
  golang decryption poc of the new app bound encryption introduced in chrome version 127.
  ☆22Nov 4, 2024Updated last year
• XaFF-XaFF / Kernel-Process-Hollowing

  View on GitHub
  Windows x64 kernel mode rootkit process hollowing POC.
  ☆193Jun 30, 2023Updated 2 years ago
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• SaadAhla / HeapCrypt

  View on GitHub
  Encypting the Heap while sleeping by hooking and modifying Sleep with our own sleep that encrypts the heap
  ☆248Aug 2, 2023Updated 2 years ago
• fortra / hw-call-stack

  View on GitHub
  Use hardware breakpoints to spoof the call stack for both syscalls and API calls
  ☆203Jun 6, 2024Updated last year
• xct / SeManageVolumeAbuse

  View on GitHub
  SeManageVolumePrivilege to SYSTEM
  ☆153Nov 22, 2023Updated 2 years ago
• itm4n / PPLrevenant

  View on GitHub
  Bypass LSA protection using the BYODLL technique
  ☆180Sep 21, 2024Updated last year
• xct / CVE-2024-27460

  View on GitHub
  Plantronics Desktop Hub LPE
  ☆37May 15, 2024Updated 2 years ago
• cutecatsandvirtualmachines / SKLib

  View on GitHub
  Standard Kernel Library for Windows manipulation in C++
  ☆208Jun 18, 2025Updated 11 months ago
• GetRektBoy724 / DCMB

  View on GitHub
  Dont Call Me Back - Dynamic kernel callback resolver. Scan kernel callbacks in your system in a matter of seconds!
  ☆253Jul 9, 2024Updated last year
• dmcxblue / NtCreateUserProcessBOF

  View on GitHub
  An Aggressor Script that utilizes NtCreateUserProcess to run binaries
  ☆31Jan 30, 2025Updated last year
• x0reaxeax / SyscallHookBypass

  View on GitHub
  NTAPI hook bypass with (semi) legit stack trace
  ☆19May 9, 2023Updated 3 years ago
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• fin3ss3g0d / NativeThreadpool

  View on GitHub
  Work, timer, and wait callback example using solely Native Windows APIs.
  ☆89Feb 11, 2024Updated 2 years ago
• YOLOP0wn / EchoDrv

  View on GitHub
  Exploitation of echo_driver.sys
  ☆170Sep 16, 2023Updated 2 years ago
• ranni0225 / WRK

  View on GitHub
  Windows Research Kernel
  ☆39May 16, 2026Updated last week
• komimoe / arkCrypter

  View on GitHub
  Compile-time + Lifetime, Usermode + Kernelmode, safe and lightweight string crypter library for C++17+, based on skCrypter
  ☆20Jan 17, 2026Updated 4 months ago
• WKL-Sec / Winsocky

  View on GitHub
  Winsocket for Cobalt Strike.
  ☆105Jul 6, 2023Updated 2 years ago
• florylsk / NtRemoteLoad

  View on GitHub
  Remote Shellcode Injector
  ☆221Aug 27, 2023Updated 2 years ago
• J0xna / il2cpp-external-library

  View on GitHub
  ☆24Sep 17, 2023Updated 2 years ago