Elevate a process to be a protected process
☆156Sep 5, 2019Updated 6 years ago
Alternatives and similar repositories for pplib
Users that are interested in pplib are comparing it to the libraries listed below
Sorting:
- Capcom driver exploit wrapper☆131May 24, 2019Updated 6 years ago
- Currently supports injecting signed/unsigned DLLs in 64-bit processes☆59Sep 14, 2020Updated 5 years ago
- This program remaps its image to prevent the page protection of pages contained in the image from being modified via NtProtectVirtualMemo…☆632Mar 19, 2019Updated 7 years ago
- DLL scatter manual mapper☆813Apr 10, 2021Updated 4 years ago
- A quick-and-dirty anti-hook library proof of concept.☆105Aug 29, 2018Updated 7 years ago
- Disable Driver Callbacks☆104Oct 16, 2017Updated 8 years ago
- disable most common windowsx64 systems patchguard☆87Dec 29, 2018Updated 7 years ago
- PsSetCreateProcessNotifyRoutine/Ex/Ex2 hook☆13May 30, 2024Updated last year
- PE permutation library☆277Apr 8, 2023Updated 2 years ago
- Defeating Patchguard universally for Windows 8, Windows 8.1 and all versions of Windows 10 regardless of HVCI.☆905Nov 21, 2019Updated 6 years ago
- System call hook for Windows 10 20H1☆496Jun 26, 2021Updated 4 years ago
- Analyze patches in a process☆260Jul 28, 2021Updated 4 years ago
- the basic version of the ring0 physical memory read/write tool☆92Aug 18, 2019Updated 6 years ago
- Protected Process Light Library☆18Jun 20, 2020Updated 5 years ago
- Handle elevation DKOM against ObRegisterCallbacks☆344Sep 20, 2018Updated 7 years ago
- Modifies the code of the RtlUserThreadStart callback and reads the arguments passed to it. Then it changes the initial execution argument…☆15Mar 4, 2018Updated 8 years ago
- clearing traces of a loaded driver☆47Jul 2, 2022Updated 3 years ago
- The program draws with win32k gdi functions in the kernel while NtGdiDdDDISubmitCommand is being hooked.☆345Apr 27, 2020Updated 5 years ago
- Inline syscalls made easy for windows on clang☆736Jun 21, 2024Updated last year
- Prototype of hijacking Windows driver dispatch routines in unmapped discardable sections☆55Mar 30, 2019Updated 6 years ago
- Hooking SSDT with Avast Internet Security Hypervisor☆115Apr 6, 2019Updated 6 years ago
- Obfuscates all RTTI (Run-time type information) inside a binary☆200Oct 17, 2017Updated 8 years ago
- x64 free protect Features 1.process/thread handle protect 2.anti taskmgr.exe 3.hide process 4.anti-debugger(user/kernel debugger)☆87Apr 3, 2019Updated 6 years ago
- KSOCKET provides a very basic example how to make a network connections in the Windows Driver by using WSK☆541Sep 2, 2022Updated 3 years ago
- Literally, the perfect injector.☆978Apr 13, 2023Updated 2 years ago
- A library to manipulate physical memory from usermode.☆303Sep 5, 2023Updated 2 years ago
- Protected Processes Light Killer☆981Mar 24, 2023Updated 2 years ago
- P2C Loader based on blackbone, used by isolation.top and others.☆13Jan 2, 2018Updated 8 years ago
- Hide codes/data in the kernel address space.☆188May 8, 2021Updated 4 years ago
- windows kernel pagehook☆42Oct 30, 2022Updated 3 years ago
- Turn off PatchGuard in real time for win7 (7600) ~ later☆1,038Apr 21, 2022Updated 3 years ago
- PoC: make WDA_MONITOR window transparent on screenshot/capture☆101Feb 5, 2020Updated 6 years ago
- Invoke functions with a spoofed return address. For 32-bit Windows binaries. Supports __fastcall, __thiscall, __stdcall and __cdecl calli…☆176Feb 17, 2023Updated 3 years ago
- library for importing functions from dlls in a hidden, reverse engineer unfriendly way☆1,903Aug 3, 2023Updated 2 years ago
- Kernel Hook X64☆26Oct 11, 2020Updated 5 years ago
- reverse engineering of bedaisy.sys (battleyes kernel driver) - Aki2k/BEDaisy☆121Aug 10, 2020Updated 5 years ago
- Open source anti cheat☆578Dec 9, 2025Updated 3 months ago
- Reading/writing memory from kernel-mode☆29Aug 3, 2017Updated 8 years ago
- Analysing and defeating PatchGuard universally☆36Nov 4, 2020Updated 5 years ago