NtCreateUserProcess with CsrClientCallServer for mainstream Windows x64 version
☆44Jul 16, 2024Updated last year
Alternatives and similar repositories for NtCreateUserProcess-Post
Users that are interested in NtCreateUserProcess-Post are comparing it to the libraries listed below
Sorting:
- Reimplement CreateProcessInternalW via Windows 10 20H1+/Windows 11 Base on NtCreateUserProcess-Post☆80Sep 2, 2024Updated last year
- So you want to fix a raw .net file manually ? I got it!, Let's fix RVA and Sizes, Relocations, EP, IAT, Metadata Dir, Directory, BSJB, In…☆10Aug 8, 2022Updated 3 years ago
- Simulate SendInput with ClassService☆35Sep 5, 2018Updated 7 years ago
- Walks through the 4-level paging structures in Windows x64☆13Feb 12, 2023Updated 3 years ago
- Extended library for using direct system calls on windows☆17Feb 6, 2022Updated 4 years ago
- IO隐藏通信封装☆17May 31, 2021Updated 4 years ago
- Crystal Palace library for proxying Nt API calls via the Threadpool☆99Oct 18, 2025Updated 4 months ago
- Illustrates the concept of return address spoofing, and how it is used.☆14May 13, 2020Updated 5 years ago
- One-header configurable C++20 COFF loader☆21Jul 21, 2025Updated 7 months ago
- G-Presto Anti-Cheat Reverse Engineered.☆26Jun 8, 2022Updated 3 years ago
- Collection of shellcode injection and execution techniques☆18Aug 21, 2025Updated 6 months ago
- Just another version of the custom stack call from Proxy-Function-Calls-For-ETwTI☆34Mar 17, 2023Updated 2 years ago
- Some eternal WIP stuff :)☆21Nov 18, 2025Updated 3 months ago
- Proof-of-Concept software for detecting AV/EDR hooks in Windows libraries.☆38May 12, 2022Updated 3 years ago
- 针对windows rootkit的一些检测,分别从进程、端口、文件这三个方面进行检测。☆21Jan 16, 2025Updated last year
- Enumerate various traits from Windows processes as an aid to threat hunting☆202Jan 13, 2022Updated 4 years ago
- Another method to anti ThreadHideFromDebugger☆37Mar 5, 2019Updated 6 years ago
- Open Source Libraries Collection☆24Jan 1, 2016Updated 10 years ago
- PsSetCreateProcessNotifyRoutine/Ex/Ex2 hook☆12May 30, 2024Updated last year
- A wrapper around Windows, calls explicitly the lowest possible calls☆14Jan 19, 2023Updated 3 years ago
- This is a PoC using native windows API directx, to hide and decrypt shellcode via compute shader☆10May 3, 2025Updated 9 months ago
- A library to read physical memory and system-wide virtual memory.☆128May 3, 2018Updated 7 years ago
- Notes my learning steps about Windows-NT☆23May 18, 2017Updated 8 years ago
- 热门网络游戏辅助开发教程☆19May 27, 2021Updated 4 years ago
- Simple memory obfuscator.☆24Jul 21, 2022Updated 3 years ago
- D☆44May 3, 2021Updated 4 years ago
- ☆11Apr 26, 2021Updated 4 years ago
- Static Library For Windows Drivers☆41Dec 13, 2025Updated 2 months ago
- A New Exploitation Technique for Visual Studio Projects☆11Nov 5, 2023Updated 2 years ago
- Terminate AV/EDR processes by exploiting the vulnerable NsecSoft driver☆33Sep 15, 2025Updated 5 months ago
- A small experiment on assigning a processes threads a specific CPU and then blocking it with a high priority thread☆30Sep 24, 2025Updated 5 months ago
- 扫描以及恢复 r3hook 类☆10Aug 29, 2021Updated 4 years ago
- Learn Winapi in this Repo with examples, to understand its abstraction in reverse engineering for Windows.☆11Aug 8, 2022Updated 3 years ago
- String obfuscator based on the Mealy automata☆13Sep 16, 2017Updated 8 years ago
- windows kernel-mode driver, provide memory reading & writing, mini-filters, obCallbacks☆10Mar 20, 2019Updated 6 years ago
- Ready-to-use headers for Windows Kernel SSDT indices☆11Apr 12, 2020Updated 5 years ago
- ☆17Jan 9, 2025Updated last year
- Simple IOCTL hooking driver for Kernel- User - Mode communication.☆11Jul 26, 2020Updated 5 years ago
- Win32 PE Anti-RE and Anti-debugging Framework☆13May 14, 2019Updated 6 years ago