idkhidden / winapipatcherLinks
WinApi Patcher is a straightforward tool leveraging windows API hooking to patch and modify certain behaviors in a targeted environment.
☆43Updated last year
Alternatives and similar repositories for winapipatcher
Users that are interested in winapipatcher are comparing it to the libraries listed below
Sorting:
- spoof return address☆77Updated 2 years ago
- ntoskrnl .data hooks for UM-KM communication☆51Updated last year
- Windows 11 24H2-25H2 Runtime PatchGuard Bypass☆203Updated last week
- A C++17 framework designed to enable obfuscation of constants, variables, and strings.☆22Updated last year
- kernel-mode DLL Injector☆115Updated 6 months ago
- Exploits targeting eneio64.sys - Turning Physical Memory R/W into Virtual Memory R/W☆105Updated last week
- An improved version of Patch Guard that I implemented, that includes integrity checks and other protection mechanisms I added.☆72Updated 6 months ago
- Scan for potentially vulnerable drivers☆92Updated 3 years ago
- DSE & PG bypass via BYOVD attack☆64Updated 3 months ago
- Recursive and arbitrary code execution at kernel-level without a system thread creation☆155Updated 2 years ago
- Using c++23 compile-time magic to produce obfuscated PIC strings and arrays.☆30Updated last year
- Fully working kernel-mode VAC bypass☆85Updated 8 months ago
- Research of modifying exported function names at runtime (C/C++, Windows)☆17Updated last year
- Demystifying PatchGuard is a comprehensive analysis of Microsoft's security feature called PatchGuard, which is designed to prevent unaut…☆129Updated 2 years ago
- ANY.RUN sandbox detection collection☆21Updated last year
- X86 Packer with Portable Executable compatibility.☆61Updated 2 months ago
- C++ macro for x64 programs that breaks ida hex-rays decompiler tool.☆128Updated last year
- PoC Anti-Rootkit/Anti-Cheat Driver.☆223Updated 6 months ago
- A universal binary patching dll.☆95Updated last year
- Tool to dump EFI runtime drivers.☆37Updated last year
- A windows kernel mode driver that spoofs serial numbers when mapped and executes a malicious payload (FULLY from kernel!!!)☆32Updated last year
- kernel to user mode APC injector☆44Updated 3 years ago
- windows rootkit☆61Updated last year
- SysCaller: SDK for WindowsAPI via syscalls. Dynamic Resolution, Obfuscation, Multi-Language Bindings, & more!☆49Updated last week
- ☆48Updated 8 months ago
- ☆26Updated last year
- Demonstrate calling a kernel function and handle process creation callback against HVCI☆76Updated 2 years ago
- Hooking KPRCB IdlePreselect function to gain execution inside PID 0.☆73Updated 6 months ago
- Safely manage the unloading of DLLs that have been hooked into a process. Context: https://github.com/KNSoft/KNSoft.SlimDetours/discussio…☆78Updated 4 months ago
- PoC exploit for HP Hardware Diagnostic's EtdSupp driver☆50Updated 2 years ago