NtCreateUserProcess with CsrClientCallServer for mainstream Windows x64 version
☆44Jul 16, 2024Updated last year
Alternatives and similar repositories for NtCreateUserProcess-Post
Users that are interested in NtCreateUserProcess-Post are comparing it to the libraries listed below
Sorting:
- Reimplement CreateProcessInternalW via Windows 10 20H1+/Windows 11 Base on NtCreateUserProcess-Post☆80Sep 2, 2024Updated last year
- Extended library for using direct system calls on windows☆17Feb 6, 2022Updated 4 years ago
- Crystal Palace library for proxying Nt API calls via the Threadpool☆101Oct 18, 2025Updated 5 months ago
- Walks through the 4-level paging structures in Windows x64☆13Feb 12, 2023Updated 3 years ago
- Simulate SendInput with ClassService☆35Sep 5, 2018Updated 7 years ago
- Terminate AV/EDR processes by exploiting the vulnerable NsecSoft driver☆33Sep 15, 2025Updated 6 months ago
- IO隐藏通信封装☆17May 31, 2021Updated 4 years ago
- So you want to fix a raw .net file manually ? I got it!, Let's fix RVA and Sizes, Relocations, EP, IAT, Metadata Dir, Directory, BSJB, In…☆10Aug 8, 2022Updated 3 years ago
- Notes my learning steps about Windows-NT☆23May 18, 2017Updated 8 years ago
- Open Source Libraries Collection☆24Jan 1, 2016Updated 10 years ago
- Security research helper for CLFS drivers☆16Sep 5, 2024Updated last year
- Some eternal WIP stuff :)☆21Nov 18, 2025Updated 4 months ago
- Collection of shellcode injection and execution techniques☆18Updated this week
- One-header configurable C++20 COFF loader☆21Jul 21, 2025Updated 7 months ago
- 针对windows rootkit的一些检测,分别从进程、端口、文件这三个方面进行检测。☆21Jan 16, 2025Updated last year
- G-Presto Anti-Cheat Reverse Engineered.☆27Jun 8, 2022Updated 3 years ago
- ☆11Apr 26, 2021Updated 4 years ago
- A portable C# utility for enumerating local and remote windows sessions☆57Jan 1, 2026Updated 2 months ago
- Illustrates the concept of return address spoofing, and how it is used.☆14May 13, 2020Updated 5 years ago
- Binary DisASseMbler☆24Sep 26, 2022Updated 3 years ago
- Source code on the 1.44MB 3.5 floppy accompanying the Windows NT File System Internals book.☆20Jul 31, 2019Updated 6 years ago
- ☆59Jun 8, 2022Updated 3 years ago
- A wrapper around Windows, calls explicitly the lowest possible calls☆14Jan 19, 2023Updated 3 years ago
- Enumerate various traits from Windows processes as an aid to threat hunting☆202Jan 13, 2022Updated 4 years ago
- Just another version of the custom stack call from Proxy-Function-Calls-For-ETwTI☆34Mar 17, 2023Updated 3 years ago
- Proof-of-Concept software for detecting AV/EDR hooks in Windows libraries.☆38May 12, 2022Updated 3 years ago
- Simple memory obfuscator.☆24Jul 21, 2022Updated 3 years ago
- ☆16Sep 26, 2019Updated 6 years ago
- A very weird RAT☆19Aug 11, 2022Updated 3 years ago
- Async rust support for the reverse-engineered Crowdstrike Falcon protocol between the Sensor and cloud services☆17Mar 10, 2023Updated 3 years ago
- Win32 PE Anti-RE and Anti-debugging Framework☆13May 14, 2019Updated 6 years ago
- PsSetCreateProcessNotifyRoutine/Ex/Ex2 hook☆13May 30, 2024Updated last year
- 扫描以及恢复 r3hook 类☆10Aug 29, 2021Updated 4 years ago
- Intraceptor intercept Windows NT API calls and redirect them to a kernel driver to bypass process/threads handle protections.☆32May 18, 2022Updated 3 years ago
- Library and tools to access the Common Log File System (CLFS)☆25Dec 4, 2025Updated 3 months ago
- Tiny driver patch to allow kernel callbacks to work on Win10 21h1☆34Feb 7, 2022Updated 4 years ago
- A small experiment on assigning a processes threads a specific CPU and then blocking it with a high priority thread☆32Sep 24, 2025Updated 5 months ago
- A New Exploitation Technique for Visual Studio Projects☆11Nov 5, 2023Updated 2 years ago
- An example of Windows NT Native API application and kernel driver☆22Feb 10, 2020Updated 6 years ago