idan1288 / PHDetection

Related projects: ⓘ

• mobdk / CloneProcess
  Clone running process with ZwCreateProcess
  ☆58Updated 3 years ago
• AzAgarampur / byeintegrity3-uac
  Bypass UAC by abusing the Security Center CPL and hijacking a shell protocol handler
  ☆26Updated 3 years ago
• ch3rn0byl / WinDbg-Extensions
  ☆17Updated 3 years ago
• SamLarenN / PePacker
  Simple PE Packer Which Encrypts .text Section
  ☆45Updated 7 years ago
• alfarom256 / drivers_and_shit
  ☆56Updated 2 years ago
• aaaddress1 / dnLauncher
  ☆36Updated 2 years ago
• NtRaiseHardError / Sysmon
  Sysmon shenanigans
  ☆65Updated 3 years ago
• hasherezade / libpeconv_tpl
  A ready-made template for a project based on libpeconv.
  ☆40Updated last year
• hasherezade / hidden_bee_tools
  Parser for a custom executable format from Hidden Bee malware (first stage)
  ☆39Updated last week
• OmerYa / ROPInjector
  Rite Of Passage ROP Injector
  ☆33Updated 5 years ago
• zerosum0x0 / heresy
  ☆49Updated this week
• Internet-2-0 / Malcore-x64dbg
  This x64dbg plugin allows you to upload your sample to Malcore and view the results.
  ☆31Updated last year
• mathisvickie / CVE-2021-21551
  arbitrary kernel read/write in dbutil_2_3.sys, Proof of Concept Local Privilege Escalation to nt authority/system
  ☆52Updated 2 years ago
• vineetgaurav / WIN_JELLY
  Windows GPU rootkit PoC by Team Jellyfish
  ☆35Updated 9 years ago
• pr0tean / TelemetrySourcerer-patched
  Tiny driver patch to allow kernel callbacks to work on Win10 21h1
  ☆31Updated 2 years ago
• Maff1t / InjectNtdllPOC
  Process Injection without R/W target memory and without creating a remote thread
  ☆19Updated 2 years ago
• rjt-gupta / CVE-2021-29337
  CVE-2021-29337 - Privilege Escalation in MODAPI.sys (MSI Dragon Center)
  ☆29Updated 2 years ago
• hoangprod / DanSpecial
  Weaponizing Gigabyte driver for priv escalation and bypass PPL
  ☆68Updated 5 years ago
• ioncodes / pooldump
  ☆29Updated 2 years ago
• lfontesm / PEB-Walk
  ☆11Updated 2 years ago
• redplait / pexphide
  PoC for hiding PE exports
  ☆65Updated 3 years ago
• ionescu007 / hazmat5
  Local OXID Resolver (LCLOR) : Research and Tooling
  ☆31Updated 3 years ago
• uvbs / NT-APC-Injector
  APC DLL Injector with NtQueueApcThread and wake up thread support
  ☆44Updated 7 years ago
• DimopoulosElias / Primitives
  ☆31Updated 4 years ago
• yardenshafir / CallbackObjectAnalyzer
  Dumps information about all the callback objects found in a dump file and the functions registered for them
  ☆32Updated 3 years ago
• h0mbre / ioctl.py
  ☆20Updated 4 years ago
• jackullrich / TRunPE
  A modified RunPE (process hollowing) technique avoiding the usage of SetThreadContext by appending a TLS section which calls the original…
  ☆91Updated 4 years ago
• repnz / windows-imports-searcher
  Support Windows OS Reversing by searching easily for references to functions across many DLLs
  ☆33Updated 2 years ago
• slaeryan / WKPExercises
  ☆19Updated this week