source code
☆183May 6, 2019Updated 6 years ago
Alternatives and similar repositories for CheckVM-Sandbox
Users that are interested in CheckVM-Sandbox are comparing it to the libraries listed below
- A summary of methods for countering sandboxes and virtual machines on Windows☆401Apr 22, 2020Updated 5 years ago
- a frame of amd-v svm nest☆53Apr 7, 2020Updated 5 years ago
- Windows device tree walker☆15Sep 19, 2018Updated 7 years ago
- MouHidInputHook enables users to filter, modify, and inject mouse input data packets into the input data stream of HID USB mouse devices …☆11Jul 11, 2019Updated 6 years ago
- Windows 10 LPE (UAC Bypass) in Windows Store (WSReset.exe)☆267Dec 19, 2019Updated 6 years ago
- AntiSpy is a free but powerful anti-virus and rootkit toolkit. It offers you the ability with the highest privileges that can detect,anal…☆1,114Apr 22, 2021Updated 4 years ago
- hooking KiUserApcDispatcher☆27Apr 3, 2017Updated 8 years ago
- awesome-windows-security-development☆178Mar 15, 2018Updated 7 years ago
- Manual PE image mapper☆66Aug 29, 2013Updated 12 years ago
- EoP POC for CVE-2019-1132☆61Sep 8, 2019Updated 6 years ago
- exploit termdd.sys(support kb4499175)☆61Jul 15, 2019Updated 6 years ago
- An example of how x64 kernel shellcode can dynamically find and use APIs☆104May 14, 2020Updated 5 years ago
- Windows Console Monitor☆34Jun 11, 2019Updated 6 years ago
- Adds a user-mode asynchronous procedure call (APC) object to the APC queue of the specified thread and spoof the Parent Process.☆158Jun 10, 2019Updated 6 years ago
- POCs for Shellcode Injection via Callbacks☆411Feb 23, 2021Updated 5 years ago
- enable libemu run pe file and add some good modify☆14Feb 4, 2019Updated 7 years ago
- SuperDllHijack: A general DLL hijack technology, don't need to manually export the same function interface of the DLL, so easy! A general-purpose DLL hijacking tech…☆1,019Nov 10, 2021Updated 4 years ago
- win10 pgContext dynamic dump (btc version)☆110Jan 15, 2020Updated 6 years ago
- IDA 7.0 meets watch view!☆43Sep 6, 2021Updated 4 years ago
- Windows 10 UAC bypass PoC using LaunchInfSection☆35Aug 3, 2018Updated 7 years ago
- Shellcode emulator written with Unicorn Framework With Process Dump Emulation Environment☆124Sep 9, 2020Updated 5 years ago
- ☆125May 23, 2020Updated 5 years ago
- The kernel mode Standard Template Library Template☆19Feb 22, 2020Updated 6 years ago
- POC for a race condition exploit using directory junctions in Windows☆17Apr 26, 2020Updated 5 years ago
- Some ways to inject a DLL into a live process☆365Apr 26, 2018Updated 7 years ago
- ☆164May 18, 2018Updated 7 years ago
- The exploit samples database is a repository for **RCE** (remote code execution) exploits and Proof-of-Concepts for **WINDOWS**, the samp…☆746Dec 11, 2023Updated 2 years ago
- A simple COM server which provides a component to run shellcode☆149May 12, 2020Updated 5 years ago
- Lightweight WINAPI tracing with Pin☆27Aug 22, 2019Updated 6 years ago
- Pseudo-malicious usermode memory artifact generator kit designed to easily mimic the footprints left by real malware on an infected Windo…☆233Mar 18, 2024Updated last year
- Hiding a string from debuggers and decompilers☆51Oct 16, 2019Updated 6 years ago
- Research on Windows Kernel Executive Callback Objects☆316Feb 22, 2020Updated 6 years ago
- Exploiting HEVD's WriteWhatWhereIoctlDispatch for LPE on Windows 10 TH2 through RS3 using GDI objects.☆24Jan 23, 2018Updated 8 years ago
- A kernel mode Windows rootkit in development.☆49Dec 31, 2021Updated 4 years ago
- A shellcode antivirus-evasion framework that bypasses ring 3☆574Mar 19, 2021Updated 4 years ago
- Kernel Stack info leak at exportObjectToClient function☆42May 21, 2019Updated 6 years ago
- Sandbox testing: code and conclusions from evaluating sandboxes commonly used in China☆107Jul 3, 2021Updated 4 years ago
- ☆116Oct 1, 2019Updated 6 years ago
- Public documents related to my talk "Bypass Windows Exploit Guard ASR" at Offensive Con 2019.☆94Feb 24, 2019Updated 7 years ago