idkhidden / WinApiPatcher
WinApi Patcher is a straightforward tool leveraging windows API hooking to patch and modify certain behaviors in a targeted environment.
☆41Updated 6 months ago
Alternatives and similar repositories for WinApiPatcher:
Users that are interested in WinApiPatcher are comparing it to the libraries listed below
- ☆44Updated last month
- codecave hook reverse engineering toolkit.☆37Updated last year
- spoof return address☆73Updated last year
- DSE & PG bypass via BYOVD attack☆44Updated 11 months ago
- Tool to dump EFI runtime drivers.☆35Updated last year
- A simple direct syscall wrapper written in C++ with compatibility for x86 and x64 programs.☆45Updated last month
- ntoskrnl .data hooks for UM-KM communication☆38Updated 10 months ago
- A C++17 framework designed to enable obfuscation of constants, variables, and strings.☆26Updated last year
- A windows kernel mode driver that spoofs serial numbers when mapped and executes a malicious payload (FULLY from kernel!!!)☆32Updated 5 months ago
- Demystifying PatchGuard is a comprehensive analysis of Microsoft's security feature called PatchGuard, which is designed to prevent unaut…☆119Updated last year
- Experiment with PAGE_GUARD protection to hide memory from other processes☆44Updated 9 months ago
- Fully working kernel-mode VAC bypass☆62Updated last month
- Freeze target threads (external - internal ) by avoiding SuspendThread detections. Or access registers from start address.☆32Updated last year
- A simple tool to assemble shellcode ready to be copy-pasted into code☆68Updated 2 years ago
- PoC kernel to usermode injection☆79Updated last year
- This is an EfiGuard BootLoader that can boot EfiGuard from Usermode with no USB or Setup as a Single Executable with automatic File Dumpi…☆50Updated 6 months ago
- ZeroImport is a lightweight and easy to use C++ library for Windows Kernel Drivers. It allows you to hide any import in your kernel drive…☆48Updated 2 years ago
- manual map unsigned driver over signed memory☆186Updated 11 months ago
- TS-Changer - Forces the machine in/out of TestSigning Mode at runtime.☆66Updated last year
- Scan for potentially vulnerable drivers☆86Updated 3 years ago
- ☆73Updated 11 months ago
- ☆56Updated last year
- Using c++23 compile-time magic to produce obfuscated PIC strings and arrays.☆19Updated 9 months ago
- Compileable POC of namazso's x64 return address spoofer.☆51Updated 4 years ago
- browse microsoft driver server for potentially vulnerable drivers☆16Updated 10 months ago
- PoC exploit for HP Hardware Diagnostic's EtdSupp driver☆50Updated last year
- Hooking Windows' exception dispatcher to protect process's PML4☆158Updated 2 months ago
- silence file system monitoring components by hooking their minifilters☆56Updated last year
- Load dll with undocumented functions and debug symbols☆47Updated 8 months ago
- kernel to user mode APC injector☆44Updated 3 years ago