idkhidden / winapipatcherLinks
WinApi Patcher is a straightforward tool leveraging windows API hooking to patch and modify certain behaviors in a targeted environment.
☆43Updated last year
Alternatives and similar repositories for winapipatcher
Users that are interested in winapipatcher are comparing it to the libraries listed below
Sorting:
- stack based arithmetic only virtual machine (VM) executes bytecode instructions to perform various basic arithmetic operations and manage…☆26Updated 10 months ago
- spoof return address☆79Updated 2 years ago
- A basic implementation of Patch Guard that I implemented, that includes integrity checks and other protection mechanisms I added.☆78Updated 9 months ago
- A C++17 framework designed to enable obfuscation of constants, variables, and strings.☆23Updated 2 years ago
- kernel-mode DLL Injector☆124Updated 9 months ago
- ntoskrnl .data hooks for UM-KM communication☆53Updated last year
- Scan for potentially vulnerable drivers☆94Updated 3 years ago
- A serie of exploits targeting eneio64.sys - Turning Physical Memory R/W into Virtual Memory R/W☆111Updated 3 months ago
- Usermode NT Explorer - Query kernel addresses, translate virtual to physical addresses, inspect the PFN database, and more.☆60Updated 2 weeks ago
- Demystifying PatchGuard is a comprehensive analysis of Microsoft's security feature called PatchGuard, which is designed to prevent unaut…☆132Updated 2 years ago
- Using c++23 compile-time magic to produce obfuscated PIC strings and arrays.☆30Updated last year
- Tool to dump EFI runtime drivers.☆39Updated last year
- SysCaller: SDK for WindowsAPI via syscalls. Dynamic Resolution, Obfuscation, Multi-Language Bindings, & more!☆51Updated 2 months ago
- Ryūjin Protector - Is a Intel Arch - BIN2BIN - PE Obfuscation/Protection/DRM tool☆286Updated 2 months ago
- Fast covert timing channel communication for inter-process and inter-processor communication on Windows systems.☆67Updated 2 months ago
- Windows 11 24H2-25H2 Runtime PatchGuard Bypass☆239Updated 2 months ago
- windows rootkit☆60Updated last year
- Recursive and arbitrary code execution at kernel-level without a system thread creation☆158Updated 2 years ago
- ANY.RUN sandbox detection collection☆22Updated last year
- kernel to user mode APC injector☆46Updated 3 years ago
- Minimalistic HTTP(S) client for the NT kernel☆61Updated last month
- Proof-of-concept kernel driver that hijacks the Windows kernel extension table mechanism to preserve process notify callbacks even when a…☆92Updated 6 months ago
- Compileable POC of namazso's x64 return address spoofer.☆50Updated 5 years ago
- ☆28Updated last year
- All LLVM binaries scrambled with SigBreaker and used to test against llvm-lit☆25Updated 8 months ago
- Hook all callbacks which are registered with LdrRegisterDllNotification☆96Updated 9 months ago
- Research of modifying exported function names at runtime (C/C++, Windows)☆18Updated last year
- DSE & PG bypass via BYOVD attack☆77Updated 6 months ago
- Safely manage the unloading of DLLs that have been hooked into a process. Context: https://github.com/KNSoft/KNSoft.SlimDetours/discussio…☆81Updated 7 months ago
- PoC exploit for HP Hardware Diagnostic's EtdSupp driver☆51Updated 2 years ago