A lib that allows using mhyprot2 driver for enum process modules, r/w process memory and kill process.
☆365Oct 28, 2020Updated 5 years ago
Alternatives and similar repositories for Mhyprot2DrvControl
Users that are interested in Mhyprot2DrvControl are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A PoC for Mhyprot2.sys vulnerable driver that allowing read/write memory in kernel/user via unprivileged user process.☆353Jul 3, 2021Updated 4 years ago
- A static library, wrapper for mhyprot vulnerable driver, execute exploits and tests☆133Oct 26, 2020Updated 5 years ago
- Reverse engineering Genshin Impact anticheat to study how anticheats work on the Windows operating system.☆106Nov 27, 2021Updated 4 years ago
- A user-mode emulator for the mhyprot2.sys driver☆121Aug 25, 2022Updated 3 years ago
- Mhy Exp (exploit signed driver)☆141May 17, 2022Updated 3 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
- Kill Protected Process Light Process (include av)☆57Sep 15, 2023Updated 2 years ago
- Enumerating and removing kernel callbacks using signed vulnerable drivers☆589Jan 24, 2023Updated 3 years ago
- A PoC for vulnerable driver "mhyprot" that allows us to read/write memory in kernel/user from usermode.☆161Oct 18, 2020Updated 5 years ago
- inject shellcode into remote process via message hook☆15Oct 28, 2020Updated 5 years ago
- Beacon.dll reverse☆141Sep 5, 2021Updated 4 years ago
- CobaltStrike Beacon written in .Net 4 用.net重写了stager及Beacon,其中包括正常上线、文件管理、进程管理、令牌管理、结合SysCall进行注入、原生端口转发、关ETW等一系列功能☆730Sep 1, 2021Updated 4 years ago
- Modified version of Il2CppAssemblyUnhollower that allows you to analysis GenShin Impact's UserAssembly.dll☆43Oct 28, 2020Updated 5 years ago
- Cobalt Strike UDRL for memory scanner evasion.☆1,009Jun 4, 2024Updated last year
- Take a screenshot without injection for Cobalt Strike☆205Jun 7, 2023Updated 2 years ago
- Wordpress hosting with auto-scaling on Cloudways • AdFully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
- Fake Timestamps of Driver Certificates while keeping validity.☆18Jul 15, 2021Updated 4 years ago
- Remove AV/EDR Kernel ObRegisterCallbacks、CmRegisterCallback、MiniFilter Callback、PsSetCreateProcessNotifyRoutine Callback、PsSetCreateThrea…☆1,311Jun 21, 2024Updated last year
- Hook system calls on Windows by using Kaspersky's hypervisor☆1,285Apr 2, 2026Updated last week
- Code Injection, Inject malicious payload via pagetables pml4.☆243Jul 7, 2021Updated 4 years ago
- SigFlip is a tool for patching authenticode signed PE files (exe, dll, sys ..etc) without invalidating or breaking the existing signature…☆1,265Aug 27, 2023Updated 2 years ago
- InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in process .NET assem…☆744Jul 22, 2023Updated 2 years ago
- Cooolis-ms是一个包含了Metasploit Payload Loader、Cobalt Strike External C2 Loader、Reflective DLL injection的代码执行工具,它的定位在于能够在静态查杀上规避一些我们将要执行且含有特征的…☆933Jan 7, 2026Updated 3 months ago
- An advanced in-memory evasion technique fluctuating shellcode's memory protection between RW/NoAccess & RX and then encrypting/decrypting…☆1,102Jun 17, 2022Updated 3 years ago
- Modified version of Il2CppDumper allows you to dump methods of UserAssembly.dll of the game Genshin Impact☆177Jun 12, 2021Updated 4 years ago
- Wordpress hosting with auto-scaling on Cloudways • AdFully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
- A collection of various vulnerable (mostly physical memory exposing) drivers.☆456Jun 15, 2022Updated 3 years ago
- Silence EDRs by removing kernel callbacks☆239Dec 7, 2020Updated 5 years ago
- X86 version of syswhispers2 / x86 direct system call☆330Jan 28, 2021Updated 5 years ago
- Execute unmanaged Windows executables in CobaltStrike Beacons☆717Mar 4, 2023Updated 3 years ago
- A PoC designed to bypass all usermode hooks in a WoW64 environment.☆149Sep 16, 2020Updated 5 years ago
- Windows对抗沙箱和虚拟机的方法总结☆403Apr 22, 2020Updated 5 years ago
- Phantom DLL hollowing PoC☆372May 23, 2022Updated 3 years ago
- PrintSpoofer的反射dll实现,结合Cobalt Strike使用☆87Oct 7, 2021Updated 4 years ago
- Yet another SharpSphere☆228Aug 1, 2021Updated 4 years ago
- DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- ☆1,803Aug 30, 2024Updated last year
- 替代PrintBug用于本地提权的新方式,主要利用MS-EFSR协议中的接口函数 借鉴了Potitpotam中对于EFSR协议的利用,实现了本地提权的一系列方式 Drawing on the use of the EFSR protocol in Potitpotam, …☆150Mar 13, 2022Updated 4 years ago
- A tool to kill antimalware protected processes☆1,506Jun 19, 2021Updated 4 years ago
- impersonate trustedinstaller by fiddling with tokens☆17Aug 30, 2021Updated 4 years ago
- Kernel DLL Injector using NX Bit Swapping and VAD hide for hiding injected DLL☆220Nov 12, 2020Updated 5 years ago
- neat way to detect memory read using nt layer function.☆13Aug 4, 2023Updated 2 years ago
- ☆88Jun 28, 2022Updated 3 years ago