A class to emulate the behavior of NtQuerySystemInformation when passed the SystemHypervisorDetailInformation information class
☆27Sep 15, 2023Updated 2 years ago
Alternatives and similar repositories for cpuid
Users that are interested in cpuid are comparing it to the libraries listed below
Sorting:
- Reports and POCs for CVE 2024-43570 and CVE-2024-43535☆29Jun 7, 2025Updated 8 months ago
- A mechanism that trampoline hooks functions in x86/x64 systems.☆21Oct 9, 2024Updated last year
- Only for educational purposes☆12Jun 17, 2023Updated 2 years ago
- yet another sleep encryption thing. also used the default github repo name for this one.☆69May 11, 2023Updated 2 years ago
- ☆164Dec 30, 2022Updated 3 years ago
- POC about how to prevent windbg break☆15Oct 3, 2022Updated 3 years ago
- A small tool I made to dump the export table of PE files. The primary use case was intended for use within DLL proxying.☆71Aug 16, 2022Updated 3 years ago
- A repo containing some tooling build to assist with reverse engineering malware samples☆15Jul 22, 2023Updated 2 years ago
- Beacon Object Files used for Cobalt Strike☆19Jul 18, 2023Updated 2 years ago
- ☆60Jan 9, 2023Updated 3 years ago
- idk man this was the default github name☆35Apr 23, 2023Updated 2 years ago
- Proof-of-concept implementation for the paper "Hammulator: Simulate Now - Exploit Later" (DRAMSec 2023)☆17Sep 15, 2025Updated 5 months ago
- An open-source process injection enumeration tool written in C#☆174Dec 16, 2022Updated 3 years ago
- My implementation of the GIUDA project in C++☆189Jul 25, 2023Updated 2 years ago
- A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.☆409Jan 11, 2026Updated last month
- QLoader is a PE loader creator that helps you quickly create a non-exe loader for application☆113Oct 5, 2024Updated last year
- Retrieve inner payloads from Donut samples☆120Dec 1, 2025Updated 3 months ago
- Encodes a payload within a generated mock-CSS file☆59Sep 18, 2023Updated 2 years ago
- ☆88Aug 16, 2025Updated 6 months ago
- Classic Process Injection with Memory Evasion Techniques implemantation☆73Oct 28, 2023Updated 2 years ago
- Stealthier variation of Module Stomping and Module Overloading injection techniques that reduces memory IoCs. Implemented in Python ctype…☆129Sep 27, 2023Updated 2 years ago
- Helper Script to convert a Windbg dumped structure (using the 'dt' command) into a C structure. It creates dummy structs for you if neede…☆26Aug 11, 2023Updated 2 years ago
- One Click Tool to Scan All the Enabled Protection of current Windows NT Kernel☆43Oct 2, 2023Updated 2 years ago
- PoC MSI payload based on ASEC/AhnLab's blog post☆24Sep 19, 2022Updated 3 years ago
- A C# port of https://gist.github.com/adamsvoboda/8f29e09d74b73e1dec3f9049c4358e80☆21Apr 2, 2025Updated 11 months ago
- ☆101Oct 7, 2023Updated 2 years ago
- A small tool to unmap PE memory dumps.☆11Nov 9, 2023Updated 2 years ago
- A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles.☆66May 2, 2023Updated 2 years ago
- Extension functionality for the NightHawk operator client☆26Oct 31, 2023Updated 2 years ago
- DNS over HTTPS targeted malware (only runs once)☆96Aug 16, 2023Updated 2 years ago
- Another approach of Threadless injection discovered by @_EthicalChaos_ in c that loads a module into the target process and stomps it, an…☆185Aug 2, 2023Updated 2 years ago
- Slides and POC demo for my talk at Divizion Zero on EDR evasion titled "Evasion Adventures"☆31Jan 14, 2023Updated 3 years ago
- Windows APT Warfare, published by Packt☆75Mar 11, 2023Updated 2 years ago
- Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.☆242Sep 26, 2023Updated 2 years ago
- ☆11Sep 30, 2023Updated 2 years ago
- simple C# portscanner - written for playing around with Metasploit's Execute-Assembly☆10Jul 1, 2023Updated 2 years ago
- ☆12Jun 22, 2022Updated 3 years ago
- Interact with Windows RPC Services over SMB using go-smb☆11Updated this week
- Volatility 3 plugins to extract a module as complete as possible☆12Jun 13, 2023Updated 2 years ago