☆23 · Jan 25, 2022 · Updated 4 years ago
Alternatives and similar repositories for ProcessStealth
Users that are interested in ProcessStealth are comparing it to the libraries listed below
- Hides processes from the Windows task manager using IAT hooking. ☆22 · Mar 30, 2021 · Updated 4 years ago
- A demonstration of how page tables can be used to run arbitrary code in ring-0 and lead to a privesc. Uses CVE-2016-7255 as an example. ☆11 · Jun 11, 2018 · Updated 7 years ago
- A BOF for enumerating version information for DLLs associated with a Beacon process. ☆16 · Nov 23, 2021 · Updated 4 years ago
- Windows Explorer application written in assembly ☆15 · Jun 15, 2023 · Updated 2 years ago
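- A product of going "from getting started to giving up": the basic functionality of a single-node C2, implemented in Python while learning ☆11 · Mar 11, 2020 · Updated 5 years ago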
- Example of async client/server sockets in .NET 5 ☆17 · Jun 9, 2021 · Updated 4 years ago
- Disable PPL via custom driver and dump lsass ☆15 · Mar 13, 2021 · Updated 4 years ago
- ☆13 · Dec 27, 2023 · Updated 2 years ago
- inject shellcode into remote process via message hook ☆15 · Oct 28, 2020 · Updated 5 years ago
- Proof-of-Concept software for detecting AV/EDR hooks in Windows libraries. ☆38 · May 12, 2022 · Updated 3 years ago
- Dangling COM Keys Finder ☆17 · Nov 16, 2021 · Updated 4 years ago
- A manual PE mapping implementation, aka reflective loader ☆21 · Updated this week
- Lightweight C# windows agent for Apfell ☆17 · Mar 16, 2020 · Updated 5 years ago
- Simple and sane compression wrapper library. ☆19 · Oct 28, 2022 · Updated 3 years ago
- An attempt at reversing WindowsDefender ☆20 · Oct 6, 2024 · Updated last year
- A repo to hold any bypasses I work on/study/whatever ☆19 · Dec 30, 2020 · Updated 5 years ago
- BitRat Source Code ☆42 · Oct 23, 2020 · Updated 5 years ago
- Minimalist Custom .NET Core Garbage Collector ☆23 · Jun 15, 2020 · Updated 5 years ago
- ☆26 · Apr 10, 2023 · Updated 2 years ago
- MiniDumpWriteDump behavior modification hook ☆50 · Feb 15, 2021 · Updated 5 years ago
- Dell Driver EoP (CVE-2021-21551) ☆26 · Feb 3, 2023 · Updated 3 years ago
- Walks the Process' VAD list to grab the PTEs corresponding to a usermode virtual address, all to get the physical address ☆23 · Nov 22, 2021 · Updated 4 years ago
- ☆26 · Dec 29, 2021 · Updated 4 years ago
- Get windows CPU temperature with WinRing0 driver and library ☆25 · Jan 10, 2019 · Updated 7 years ago
- Windows x64 Process Injection via Ghostwriting with Dynamic Configuration ☆29 · Oct 29, 2021 · Updated 4 years ago
- POC code to crash Windows Event Logger Service ☆27 · Oct 16, 2020 · Updated 5 years ago
- Windows Kernel Knowledge && Collect Resources on the wire && Nothing innovation by myself && ☆62 · Jan 29, 2026 · Updated last month
- Piece of code to detect and remove hooks in IAT ☆65 · May 30, 2022 · Updated 3 years ago
- SLib is a sandbox evasion library that implements some of the checks from https://evasions.checkpoint.com in C# ☆66 · Aug 29, 2023 · Updated 2 years ago
- D/Invoke port of UrbanBishop ☆30 · Dec 13, 2020 · Updated 5 years ago
- ☆26 · May 22, 2021 · Updated 4 years ago
- Proof of Concept for EFSRPC Arbitrary File Upload (CVE-2021-43893) ☆64 · Feb 14, 2022 · Updated 4 years ago
- Shellcode antivirus evasion framework ☆27 · Jan 16, 2021 · Updated 5 years ago
- Call NtCreateUserProcess directly as normal. ☆77 · May 17, 2022 · Updated 3 years ago
- Study and research with your docs, media, and AI in one place ☆33 · Updated this week
- My personal shellcode loader ☆32 · Mar 9, 2023 · Updated 2 years ago
- A crappy hook on SpAcceptLsaModeContext that prints incoming auth attempts. WIP ☆37 · Jul 27, 2021 · Updated 4 years ago
- Minimal PoC developed as discussed in https://captmeelo.com/redteam/maldev/2022/05/10/ntcreateuserprocess.html ☆144 · May 10, 2022 · Updated 3 years ago
- Assembly block for finding and calling the windows API functions inside import address table (IAT) of the running PE file. ☆84 · May 3, 2023 · Updated 2 years ago