nickcano / ReloadLibrary
A quick-and-dirty anti-hook library proof of concept.
☆100Updated 6 years ago
Related projects: ⓘ
- Dump system call codes, names, and offsets from Ntdll.dll☆70Updated 11 months ago
- Resolve DOS MZ executable symbols at runtime☆93Updated 2 years ago
- ☆150Updated 4 years ago
- A proof of concept demonstrating instrumentation callbacks on Windows 10 21h1 with a TLS variable to ensure all syscalls are caught.☆111Updated 2 years ago
- x64 Windows PatchGuard bypass, register process-creation callbacks from unsigned code☆195Updated 3 years ago
- Elevate a process to be a protected process☆140Updated 5 years ago
- x64 Windows kernel code execution via user-mode, arbitrary syscall, vulnerable IOCTLs demonstration☆214Updated 2 years ago
- My Proof of Concept code for different publicly disclosed vulnerabilities☆45Updated 4 months ago
- C++ library for parsing and manipulating PE files statically and dynamically.☆82Updated 11 months ago
- Exploit MsIo vulnerable driver☆82Updated 3 years ago
- Obfuscate calls to imports by patching in stubs☆58Updated 3 years ago
- x64 syscall caller in C++.☆84Updated 6 years ago
- Custom GetProcAddress, GetModuleHandleA and some dbghelp.dll functions☆81Updated 5 years ago
- PE-Dump-Fixer☆100Updated 4 years ago
- Disable Driver Callbacks☆97Updated 6 years ago
- Kernel LdrLoadDll injector☆258Updated 5 years ago
- A modern, mod independent open source cheat for Enemy Territory☆62Updated 6 months ago
- API Set resolver for Windows☆114Updated last week
- Hygieia, a vulnerable driver traces scanner written in C++ as an x64 Windows kernel driver.☆133Updated 2 years ago
- based on https://github.com/secrary/Hooking-via-InstrumentationCallback☆67Updated 4 years ago
- ☆64Updated 3 years ago
- LSASS INJECTOR☆33Updated 5 years ago
- Example Windows Kernel-mode Driver which enumerates running processes.☆51Updated 2 years ago
- A documented Windows x64 bit Usermode Injector that works via hooking IAT and hijacking its threads to execute shellcode.☆62Updated last year
- codes for my blog post: https://secrary.com/Random/InstrumentationCallback/☆165Updated 6 years ago
- Vectored Exception Handling Hooking Class☆143Updated 5 years ago
- Intercepting DeviceControl via WPP☆125Updated 4 years ago
- Demystifying PatchGuard is a comprehensive analysis of Microsoft's security feature called PatchGuard, which is designed to prevent unaut…☆100Updated last year
- Hide function calls to prevent reverse-engineering☆64Updated 3 years ago
- A simple tool to assemble shellcode ready to be copy-pasted into code☆63Updated 2 years ago