lennyRBLX / ret_addr_spooferView external linksLinks
Compileable POC of namazso's x64 return address spoofer.
☆50Jun 10, 2020Updated 5 years ago
Alternatives and similar repositories for ret_addr_spoofer
Users that are interested in ret_addr_spoofer are comparing it to the libraries listed below
Sorting:
- clearing traces of a loaded driver☆47Jul 2, 2022Updated 3 years ago
- A simple way to spoof return addresses using an exception handler☆43Aug 3, 2022Updated 3 years ago
- Libraries written in inline assembly☆19Aug 7, 2023Updated 2 years ago
- search for a driver/dll module that has a wanted section bigger than the size of your image☆20Aug 14, 2021Updated 4 years ago
- ☆16Oct 31, 2022Updated 3 years ago
- ☆159May 21, 2024Updated last year
- ☆33Dec 13, 2017Updated 8 years ago
- Invoke functions with a spoofed return address. For 32-bit Windows binaries. Supports __fastcall, __thiscall, __stdcall and __cdecl calli…☆175Feb 17, 2023Updated 2 years ago
- communicate with kernel using a image on disk☆16May 1, 2024Updated last year
- Modified version of face injector v2, added some things and alternative injection method. TAGS: fortnite cheat, fortnite injector☆78May 26, 2022Updated 3 years ago
- Detect removed thread from PspCidTable.☆75Mar 18, 2022Updated 3 years ago
- A basic 100 loc CPU emulator using the existing code of ntoskrnl.exe☆75Aug 16, 2023Updated 2 years ago
- ☆34Apr 11, 2023Updated 2 years ago
- base for testing☆186Sep 28, 2024Updated last year
- A wrapper class to hide the original calling address of a function☆55Aug 9, 2020Updated 5 years ago
- ☆14Jul 20, 2023Updated 2 years ago
- This driver hooks a device object for ioctl and uses mdls to allocate physical pages and manually injects an entry into a process's page …☆15Feb 14, 2023Updated 3 years ago
- ☆38Nov 30, 2022Updated 3 years ago
- This is the P.O.C source for hooking the system calls on Windows 10 (1903) using it's dynamic trace feature weakness☆53Sep 12, 2019Updated 6 years ago
- Old way for blocking NMI interrupts☆29Sep 6, 2022Updated 3 years ago
- C/C++ example of InjectMouseInput function☆35Apr 17, 2021Updated 4 years ago
- Manual mapper that uses PTE manipulation, Virtual Address Descriptor (VAD) manipulation, and forceful memory allocation to hide executabl…☆382Jan 29, 2022Updated 4 years ago
- Stealthy UM <-> KM communication system without creating any system threads, permanent hooks, driver objects, section objects or device o…☆376Mar 15, 2024Updated last year
- Kernel driver for detecting Intel VT-x hypervisors.☆192Jul 11, 2023Updated 2 years ago
- Single header library to simplify the usage of direct syscalls. x64/x86☆14Feb 26, 2023Updated 2 years ago
- bypass CRC☆12May 3, 2018Updated 7 years ago
- POC kernel driver with hidden system thread☆13May 14, 2024Updated last year
- An example code of CiGetCertPublisherName☆17Mar 24, 2022Updated 3 years ago
- IO隐藏通信封装☆17May 31, 2021Updated 4 years ago
- automates exploits using ROP chains, using ntdll-scraper☆16May 26, 2022Updated 3 years ago
- Walks the Process' VAD list to grab the PTE's corresponding to a usermode virtual address, all to get the physical address☆23Nov 22, 2021Updated 4 years ago
- Demo proof of concept for shadow regions, and implementation of HyperDeceit.☆313May 31, 2023Updated 2 years ago
- State of the art DLL injector that took 20 minutes to make☆226Aug 16, 2023Updated 2 years ago
- This tool will allow you to spoof the return addresses of your functions as well as system functions.☆547Nov 12, 2022Updated 3 years ago
- This project will give you an example how you can hook a kernel vtable function that cannot be directly called☆84Dec 25, 2021Updated 4 years ago
- ☆63Sep 28, 2022Updated 3 years ago
- Basic d3d11 nuklear implementation for internal game cheats.☆16Jan 21, 2021Updated 5 years ago
- Illustrates the concept of return address spoofing, and how it is used.☆14May 13, 2020Updated 5 years ago
- Hook NtDeviceIoControlFile with PatchGuard☆107May 10, 2022Updated 3 years ago