nbqofficial / CTHD
Process hiding library
☆18Updated 4 years ago
Related projects: ⓘ
- Abusing RtlAdjustPrivilege and NtSetInformationProcess to cause a BSOD from usermode☆14Updated 2 years ago
- A resource for thread hijacking and manual mapping code, that works with MEM_MAPPED & MEM_IMAGE.☆22Updated 3 years ago
- ☆36Updated last year
- Stealing signatures from pe files☆15Updated 2 years ago
- ☆25Updated this week
- ☆41Updated this week
- Stealthy Injector that leverages a vulnerable driver and other exploits to remain undetected☆36Updated 5 years ago
- Patches DSE by swapping both data ptrs located in SeValidateImageHeader && SeValidateImageData☆19Updated 7 months ago
- POC kernel driver with hidden system thread☆10Updated 4 months ago
- Register a callback from a Manually mapped kernel module☆11Updated 2 years ago
- ☆28Updated this week
- ☆11Updated 5 years ago
- ☆42Updated 2 years ago
- PAGE_GUARD based hooking library☆38Updated 2 years ago
- Achieving code execution through abusing VEH☆15Updated last year
- Communicate from ring-0 to ring-3 using NamedPipes.☆9Updated last year
- UM-KM Communication using registry callbacks☆35Updated 4 years ago
- Simple driver loader for windows☆17Updated 4 years ago
- ☆15Updated this week
- ☆31Updated this week
- ☆76Updated 3 years ago
- ☆46Updated this week
- Hijack NotifyRoutine for a kernelmode thread☆40Updated 2 years ago
- A packed & protected Module Loader and more, for 64-bit Windows☆28Updated 3 years ago
- ☆50Updated this week
- Mapping your code on a 0x1000 size page☆66Updated 2 years ago
- kernel driver used to monitor the activity of BadlionAnticheat.sys by patching its IAT☆32Updated 3 years ago
- a dumb rpm/wpm example driver☆14Updated 3 years ago
- Bypasses for Windows kernel callbacks PatchGuard protection☆42Updated 3 years ago
- RWX Section Abusing☆16Updated 10 months ago