nbqofficial / CTHDLinks
Process hiding library
☆19Updated 5 years ago
Alternatives and similar repositories for CTHD
Users that are interested in CTHD are comparing it to the libraries listed below
Sorting:
- ☆12Updated last year
- Abusing RtlAdjustPrivilege and NtSetInformationProcess to cause a BSOD from usermode☆17Updated 2 years ago
- Stealthy Injector that leverages a vulnerable driver and other exploits to remain undetected☆36Updated 6 years ago
- Hijack NotifyRoutine for a kernelmode thread☆42Updated 3 years ago
- ☆17Updated 3 years ago
- Register a callback from a Manually mapped kernel module☆16Updated 3 years ago
- Disk based DMA for ATA and SCSI☆23Updated last year
- A poc that abuses Enclave☆38Updated 2 years ago
- mouseclassservicecallback detection via hook☆50Updated 3 years ago
- Only for Stress-Testing☆24Updated 3 years ago
- Simple memory obfuscator.☆24Updated 2 years ago
- Using SetWindowHookEx for preinjected DLL's☆58Updated 2 years ago
- A reflexive driver loader to bypass Windows DSE (featuring a custom PE loader)☆41Updated 6 years ago
- A library for intel VT-x hypervisor functionality supporting EPT shadowing.☆50Updated 4 years ago
- clearing traces of a loaded driver☆47Updated 2 years ago
- search for a driver/dll module that has a wanted section bigger than the size of your image☆19Updated 3 years ago
- Disable threat tracing from the kernel..☆13Updated 3 years ago
- A C++ syscall ID extractor for Windows. Developed, debugged and tested on 20H2.☆20Updated 4 years ago
- PAGE_GUARD based hooking library☆46Updated 2 years ago
- A simple present scene, kernel allocation injector.☆24Updated 2 years ago
- a driver to enumerate registered pnp callbacks for a particular interface class based on reversal of IoRegisterPlugPlayNotification☆11Updated last year
- comparing data of module exports from disk and memory, then caching any differences.☆22Updated 3 years ago
- Single header library to simplify the usage of direct syscalls. x64/x86☆11Updated 2 years ago
- RWX Section Abusing☆17Updated last year
- Header only UM AC "bypass"☆19Updated last year
- detect hypervisor with Nmi Callback☆34Updated 2 years ago
- x64 assembler library☆31Updated last year
- Stealing signatures from pe files☆17Updated 2 months ago
- Old way for blocking NMI interrupts☆26Updated 2 years ago
- ☆38Updated 2 years ago