mgeeky / prc_xchkLinks
User-mode process cross-checking utility intended to detect naive malware hiding itself by hooking IAT/EAT.
☆19Updated 9 years ago
Alternatives and similar repositories for prc_xchk
Users that are interested in prc_xchk are comparing it to the libraries listed below
Sorting:
- The project is a demo solution for one of the anti-rootkit techniques aimed on overcoming splicers☆34Updated 8 years ago
- Class implementation of PowerLoader injection technique☆32Updated 8 years ago
- Helper utility for debugging windows PE/PE+ loader.☆52Updated 10 years ago
- Simple PE packer with RtlCompressBuffer☆21Updated 9 years ago
- A library that allows hook any imported function from the IAT (works only in x64)☆11Updated 6 years ago
- Obtain remote process cookies by performing a brute-force attack on ntdll.RtlDecodePointer using known pointer encodings.☆22Updated 8 years ago
- ☆19Updated 10 years ago
- drvtriks kernel driver for Windows 7 SP1 and 8.1 x64, that tricks around in your system.☆33Updated 7 years ago
- ☆14Updated 8 years ago
- Kinject - kernel dll injector, currently available in x86 version, will be updated to x64 soon.☆32Updated 10 years ago
- PoC for detecting and dumping process hollowing code injection☆52Updated 6 years ago
- User-mode program parsing logs created by HyperPlatform☆18Updated 9 years ago
- OpenHIPS prevents exploitation of Windows systems☆35Updated 12 years ago
- Code Injection technique written in cpp language☆32Updated 7 years ago
- A simple native code virtualizer for 32-bit Windows PE☆15Updated 9 years ago
- Kernel-mode file scanner☆18Updated 7 years ago
- Polymorphic Stub Creator☆34Updated 8 years ago
- Windows device tree walker☆15Updated 6 years ago
- Kernel-Mode rootkit that connects to a remote server to send & recv commands☆33Updated 6 years ago
- ☆33Updated 4 years ago
- PoC for detecting and dumping code injection (built and extended on UnRunPE)☆57Updated 6 years ago
- A MITM proxy server for reflective DLL injection through WinINet☆15Updated 7 years ago
- just an lite AntiRootkit for interesting☆24Updated 9 years ago
- Notes my learning steps about Windows-NT☆23Updated 8 years ago
- Reflective DLL Injection style process infector☆20Updated 7 years ago
- ☆24Updated 7 years ago
- User-mode hook bypassing method☆33Updated 9 years ago
- Assembly code to use for Windows kernel shellcode to edit winlogon.exe ACL☆13Updated 8 years ago
- Wow64 syscall hook☆41Updated 8 years ago
- ☆14Updated 8 years ago