mgeeky / PE-library
Lightweight Portable Executable parsing library and a demo peParser application.
☆77 Updated 2 years ago
Alternatives and similar repositories for PE-library:
Users who are interested in PE-library are comparing it to the libraries listed below:
- Library for using direct system calls ☆35 Updated last month
- File system minifilter driver for Windows to block symbolic link attacks. ☆51 Updated 4 years ago
- Call 32bit NtDLL API directly from WoW64 Layer ☆60 Updated 4 years ago
- Resolve DOS MZ executable symbols at runtime ☆96 Updated 3 years ago
- A simple password-based PE encryptor for Windows 32-bit executables. ☆51 Updated 2 months ago
- Static library and headers for linking your software with ntdll.dll ☆32 Updated 5 years ago
- Three Tiny Examples of Directly Using Vista's NtCreateUserProcess ☆87 Updated 9 years ago
- Standalone program to download PDB Symbol files for debugging without WDK ☆76 Updated 5 years ago
- Add an empty section to a PE file ☆53 Updated 7 years ago
- Hook all callbacks which are registered with LdrRegisterDllNotification ☆84 Updated 2 years ago
- C++ implementation of Windows Heaven's Gate ☆68 Updated 4 years ago
- An ntdll.h header file downloaded from the network, with all the problems I found fixed. ☆32 Updated 2 months ago
- An example of a client and server using Windows' ALPC functions to send and receive data. ☆94 Updated 2 months ago
- C++ library for low-level Windows development ☆72 Updated 11 months ago
- Analyze and attack Windows applications using DLL hijacking vulnerabilities ☆56 Updated 5 years ago
- A driver to intercept low-level Windows events ☆62 Updated 5 years ago
- A simple tool for detecting memory modifications to Windows API. ☆22 Updated 2 months ago
- Bypass UAC by abusing the Security Center CPL and hijacking a shell protocol handler ☆28 Updated 3 years ago
- Arbitrary kernel read/write in dbutil_2_3.sys, Proof of Concept Local Privilege Escalation to nt authority/system ☆56 Updated 3 years ago
- Retrieve pointers to undocumented kernel functions and offsets to members within undocumented structures to use in your driver by using t… ☆53 Updated 5 years ago
- Hooking the GDT - Installing a Call Gate. POC for Rootkit Arsenal Book Second Edition (version 2022) ☆70 Updated last year
- A driver that hooks C: volume using symbolic link callback to track all FS access to the volume ☆108 Updated 4 years ago
- Debug Print viewer (user and kernel) ☆65 Updated last year
- LSASS INJECTOR ☆35 Updated 6 years ago
- ☆26 Updated 3 years ago
- Demo service that runs in svchost.exe ☆79 Updated 7 years ago
- Position-independent Windows DLL loader based on ReflectiveDLL project. ☆95 Updated 6 years ago
- An example of how x64 kernel shellcode can dynamically find and use APIs ☆104 Updated 4 years ago
- ☆37 Updated 5 years ago
- Dumps information about all the callback objects found in a dump file and the functions registered for them ☆35 Updated 4 years ago