jschicht / HideAndProtectLinks
Makes files super hidden on NTFS
☆16Updated 11 years ago
Alternatives and similar repositories for HideAndProtect
Users that are interested in HideAndProtect are comparing it to the libraries listed below
Sorting:
- An example pattern in C# for using WMI to monitor process creation and termination events.☆52Updated 7 years ago
- DLL Injection Library & Tools☆72Updated 9 years ago
- Sample libraries to be used with IAT Patcher☆34Updated 2 years ago
- ☆33Updated 10 years ago
- Protects and logs suspicious and malicious usage of .NET CSC.exe and Runtime C# Compilation☆25Updated 7 years ago
- CmdDesktopSwitch is a small utility that lists all windows desktops and provides the option to switch between them. This can be used to i…☆35Updated 9 years ago
- PoC: Prevent a debugger from attaching to managed .NET processes via a watcher process code pattern.☆32Updated 7 years ago
- Powerful commandline $MFT record editor.☆25Updated 10 years ago
- A demo implementation of a well-known technique used by some malware to evade userland hooking, using my library: libpeconv.☆20Updated 7 years ago
- Antivirus Emulator Fingerprints☆29Updated 6 years ago
- r0ak ("roak") is the Ring 0 Army Knife -- A Command Line Utility To Read/Write/Execute Ring Zero on for Windows 10 Systems☆28Updated 7 years ago
- Dynamic and extensible shell code generator with multiple output types which can be formatted in binary, hexadecimal, and the typical she…☆19Updated 5 years ago
- ☆45Updated 7 years ago
- An example of PE hollowing injection technique☆24Updated 6 years ago
- Windows DLL Loading Utility☆12Updated 5 years ago
- ☆35Updated 7 years ago
- Windows x64 Process Scanner to detect application compatability shims☆37Updated 6 years ago
- Archive of ransomware decryptors☆31Updated 7 years ago
- Library for Windows XML Event Log (EVTX) data types☆18Updated 11 months ago
- Arya is a simple obfuscator for .NET binaries.☆39Updated 7 years ago
- A Catalog of Application Whitelisting Bypass Techniques☆31Updated 10 years ago
- r0ak ("roak") is the Ring 0 Army Knife -- A Command Line Utility To Read/Write/Execute Ring Zero on for Windows 10 Systems☆27Updated 7 years ago
- A minimal tool to extract shellcode from 64-bit PE binaries.☆51Updated 3 years ago
- Parser for a custom executable formats from Hidden Bee and Rhadamanthys malware☆55Updated 3 weeks ago
- ☆22Updated 4 years ago
- A Microsoft Windows service to provide telemetry on Windows executable memory page changes to facilitate threat detection☆32Updated 4 years ago
- Create a C++ PE which loads an XTEA-crypted .NET PE shellcode in memory.☆15Updated 6 years ago
- Experimental: Windows .text section compare - disk versus memory☆15Updated 10 years ago
- Code Injector Using Code Caves☆15Updated 10 years ago
- Injection of MSIL using Cecil☆12Updated 10 years ago