Subtract one PE file from another!
☆20 · Oct 1, 2021 · Updated 4 years ago
Alternatives and similar repositories for PEDiffGen
Users that are interested in PEDiffGen are comparing it to the libraries listed below
- Various shellcodes · ☆12 · Sep 1, 2020 · Updated 5 years ago
- hooking KiUserApcDispatcher · ☆27 · Apr 3, 2017 · Updated 8 years ago
- NT AUTHORITY\SYSTEM · ☆43 · Jul 8, 2020 · Updated 5 years ago
- Walking the PEB in VBA · ☆24 · Apr 6, 2020 · Updated 5 years ago
- Protected Process (Light) Dump: Uses Zemana AntiMalware Engine To Open a Privileged Handle to a PP/PPL Process And Inject MiniDumpWriteDu… · ☆25 · Mar 26, 2020 · Updated 5 years ago
- A specially crafted IOCTL can be issued to the rzpnk.sys driver in Razer Synapse 2.20.15.1104 that is forwarded to ZwOpenProcess allowing… · ☆14 · Nov 8, 2020 · Updated 5 years ago
- A dll injector static library for Win x64 processes with handle elevation supported · ☆12 · Mar 28, 2021 · Updated 4 years ago
- CLI version of NetworkMiner (https://www.netresec.com/?page=NetworkMiner) · ☆13 · Dec 1, 2025 · Updated 3 months ago
- Silent Cleanup UAC Bypass POC · ☆11 · Dec 15, 2019 · Updated 6 years ago
- Hooking the GDT - Installing a Call Gate. POC for Rootkit Arsenal Book Second Edition (version 2022) · ☆73 · Aug 11, 2023 · Updated 2 years ago
- desktop screenshot · ☆29 · Apr 26, 2023 · Updated 2 years ago
- A slightly safer io access library · ☆14 · Sep 20, 2021 · Updated 4 years ago
- CVE-2021-29337 - Privilege Escalation in MODAPI.sys (MSI Dragon Center) · ☆31 · Oct 12, 2021 · Updated 4 years ago
- PoC for CVE-2021-32537: an out-of-bounds memory access that leads to pool corruption in the Windows kernel. · ☆57 · Jun 26, 2021 · Updated 4 years ago
- CVE-2021-21975 vRealize Operations Manager SSRF · ☆13 · Mar 31, 2021 · Updated 4 years ago
- POC for CVE-2021-1699 · ☆17 · Mar 31, 2021 · Updated 4 years ago
- A modified fork of Be.HexEditor for use in debug tools · ☆15 · Jan 5, 2022 · Updated 4 years ago
- C# code to run PIC using CreateThread · ☆17 · Apr 19, 2019 · Updated 6 years ago
- This script will pull and analyze syscalls in given application(s) allowing for easier security research purposes · ☆21 · Mar 11, 2021 · Updated 4 years ago
- x64 Windows privilege elevation using anycall · ☆22 · May 28, 2021 · Updated 4 years ago
- Ransoblin (Ransomware Bokoblin) · ☆18 · Oct 4, 2020 · Updated 5 years ago
- A proof-of-concept tool that attempts to retrieve the configuration from the memory dump of an F-Secure C3 Relay executable. · ☆17 · Jul 2, 2021 · Updated 4 years ago
- Swift code to run a dylib on disk · ☆16 · May 9, 2022 · Updated 3 years ago
- a dumb rpm/wpm example driver · ☆15 · Jun 7, 2021 · Updated 4 years ago
- Parses logs created by Cobalt Strike or Brute Ratel and creates an SQLite DB which can be used to create custom reports. · ☆24 · Jan 15, 2026 · Updated last month
- Simple project that demonstrates how an ETW consumer can be created just by using NTDLL · ☆146 · Feb 23, 2019 · Updated 7 years ago
- Encryption packer · ☆35 · Mar 14, 2020 · Updated 5 years ago
- Spin up a reverse proxy quickly on Heroku · ☆15 · Dec 5, 2020 · Updated 5 years ago
- Utility to remove digital code signature from binary PE files in Windows. · ☆17 · Apr 25, 2021 · Updated 4 years ago
- Dump mapped PE files from memory to the disk · ☆20 · Jun 28, 2019 · Updated 6 years ago
- extracts shellcode from a nasm compiled macho binary · ☆17 · Jan 28, 2021 · Updated 5 years ago
- Call arbitrary Windows kernel-mode functions from Python on another machine · ☆44 · Sep 17, 2021 · Updated 4 years ago
- Swift code to programmatically execute local or hosted JXA payloads from Terminal without using the on-disk osascript binary. · ☆23 · Apr 22, 2021 · Updated 4 years ago
- Example code for using named pipe output with beacon ReflectiveDLLs · ☆121 · Jun 24, 2020 · Updated 5 years ago
- Techniques based on named pipes for pool overflow exploitation targeting the most recent (and oldest) Windows versions demonstrated on CV… · ☆258 · Sep 1, 2022 · Updated 3 years ago