Designed to learn OS specific anti-emulation patterns by fuzzing the Windows API.
☆99Jul 7, 2020Updated 5 years ago
Alternatives and similar repositories for Windows-API-Fuzzer
Users that are interested in Windows-API-Fuzzer are comparing it to the libraries listed below
Sorting:
- PoC capable of detecting manual syscalls from usermode.☆206Nov 13, 2025Updated 3 months ago
- ☆23May 28, 2021Updated 4 years ago
- A PoC designed to bypass all usermode hooks in a WoW64 environment.☆150Sep 16, 2020Updated 5 years ago
- Windows x64 Process Scanner to detect application compatability shims☆37Oct 17, 2018Updated 7 years ago
- Windows syscall fuzzer that I used in 2017 & 2018. Not much to say about it but maybe helpful to someone. At least syscall information it…☆20Nov 20, 2019Updated 6 years ago
- An extensible framework for easily writing compiler optimized position independent x86 / x64 shellcode for windows platforms.☆533Jul 2, 2025Updated 7 months ago
- A repository filled with ideas to break/detect direct syscall techniques☆26Apr 21, 2022Updated 3 years ago
- Disable PPL via custom driver and dump lsass☆15Mar 13, 2021Updated 4 years ago
- An example of how x64 kernel shellcode can dynamically find and use APIs☆104May 14, 2020Updated 5 years ago
- NINA: No Injection, No Allocation x64 Process Injection Technique☆227Jun 9, 2020Updated 5 years ago
- Windows CVE主防(HIPS/HIDS)☆57Apr 29, 2021Updated 4 years ago
- A coverage-guided and memory-detection enabled fuzzer for windows applications.☆32Feb 1, 2021Updated 5 years ago
- An IDA plugin to deal with Event Tracing for Windows (ETW)☆55Jul 8, 2022Updated 3 years ago
- POC for a race condition exploit using directory junctions in Windows☆17Apr 26, 2020Updated 5 years ago
- A framework provides an interface to monitor and control fuzzers☆30Jul 5, 2023Updated 2 years ago
- A Fuzzer for Windows NDIS Drivers OID Handlers☆96Nov 4, 2021Updated 4 years ago
- ☆51Apr 13, 2020Updated 5 years ago
- Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999☆240Nov 6, 2019Updated 6 years ago
- Simple x64dbg plugin to show registers on every step.☆16Jul 27, 2019Updated 6 years ago
- CFB is a ProcMon-style tool designed to assist capturing IRPs sent to Windows drivers.☆333Mar 26, 2024Updated last year
- C# Implementation of the Hell's Gate VX Technique☆216Jun 30, 2020Updated 5 years ago
- A function tracer☆92Jun 4, 2019Updated 6 years ago
- Small fuzzing library with an example script using it.☆21Feb 12, 2021Updated 5 years ago
- A modified RunPE (process hollowing) technique avoiding the usage of SetThreadContext by appending a TLS section which calls the original…☆97Sep 26, 2019Updated 6 years ago
- Research on Anti-malware and other related security solutions☆265Jul 25, 2020Updated 5 years ago
- A Windows kernel dump C++ parser library with Python 3 bindings.☆213Oct 5, 2025Updated 4 months ago
- Evasive shellcode loader for bypassing event-based injection detection (PoC)☆824Aug 23, 2021Updated 4 years ago
- https://key08.com/index.php/2021/10/19/1375.html☆71May 11, 2022Updated 3 years ago
- ☆201Mar 9, 2023Updated 2 years ago
- Vulnerability research on the CA UIM Nimbus protocol☆15Sep 28, 2020Updated 5 years ago
- Windows file system driver which allows to block access to files at run-time (C/C++, C#, WDK, SDK)☆13Jan 1, 2023Updated 3 years ago
- Driver Initial Reconnaissance Tool☆126Dec 26, 2019Updated 6 years ago
- Sample WinDbg extension☆15Jun 21, 2019Updated 6 years ago
- Windows user-land hooks manipulation tool.☆146Apr 20, 2021Updated 4 years ago
- LSASS enumeration like pypykatz written in C-Lang☆20Dec 1, 2021Updated 4 years ago
- Hook NtDeviceIoControlFile with PatchGuard☆107May 10, 2022Updated 3 years ago
- Just another Windows Process Injection☆408Aug 7, 2020Updated 5 years ago
- Enumerating and removing kernel callbacks using signed vulnerable drivers☆588Jan 24, 2023Updated 3 years ago
- 滥用cow机制进行全局注入☆99Jan 1, 2021Updated 5 years ago