Elevate a process to be a protected process
☆156Sep 5, 2019Updated 6 years ago
Alternatives and similar repositories for pplib
Users that are interested in pplib are comparing it to the libraries listed below
Sorting:
- Capcom driver exploit wrapper☆131May 24, 2019Updated 6 years ago
- Currently supports injecting signed/unsigned DLLs in 64-bit processes☆60Sep 14, 2020Updated 5 years ago
- Disable Driver Callbacks☆104Oct 16, 2017Updated 8 years ago
- A quick-and-dirty anti-hook library proof of concept.☆105Aug 29, 2018Updated 7 years ago
- This program remaps its image to prevent the page protection of pages contained in the image from being modified via NtProtectVirtualMemo…☆632Mar 19, 2019Updated 6 years ago
- clearing traces of a loaded driver☆47Jul 2, 2022Updated 3 years ago
- DLL scatter manual mapper☆811Apr 10, 2021Updated 4 years ago
- Prototype of hijacking Windows driver dispatch routines in unmapped discardable sections☆55Mar 30, 2019Updated 6 years ago
- the basic version of the ring0 physical memory read/write tool☆92Aug 18, 2019Updated 6 years ago
- Hide codes/data in the kernel address space.☆188May 8, 2021Updated 4 years ago
- P2C Loader based on blackbone, used by isolation.top and others.☆13Jan 2, 2018Updated 8 years ago
- Defeating Patchguard universally for Windows 8, Windows 8.1 and all versions of Windows 10 regardless of HVCI.☆902Nov 21, 2019Updated 6 years ago
- Analyze patches in a process☆259Jul 28, 2021Updated 4 years ago
- The program draws with win32k gdi functions in the kernel while NtGdiDdDDISubmitCommand is being hooked.☆344Apr 27, 2020Updated 5 years ago
- reverse engineering of bedaisy.sys (battleyes kernel driver) - Aki2k/BEDaisy☆116Aug 10, 2020Updated 5 years ago
- Handle elevation DKOM against ObRegisterCallbacks☆339Sep 20, 2018Updated 7 years ago
- PE permutation library☆278Apr 8, 2023Updated 2 years ago
- System call hook for Windows 10 20H1☆496Jun 26, 2021Updated 4 years ago
- Modifies the code of the RtlUserThreadStart callback and reads the arguments passed to it. Then it changes the initial execution argument…☆15Mar 4, 2018Updated 7 years ago
- disable most common windowsx64 systems patchguard☆87Dec 29, 2018Updated 7 years ago
- KSOCKET provides a very basic example how to make a network connections in the Windows Driver by using WSK☆541Sep 2, 2022Updated 3 years ago
- Windows driver for spoofing serial number of HDDs☆221Sep 8, 2022Updated 3 years ago
- Inline syscalls made easy for windows on clang☆736Jun 21, 2024Updated last year
- x64 usermode rootkit☆211Apr 11, 2018Updated 7 years ago
- Analysing and defeating PatchGuard universally☆36Nov 4, 2020Updated 5 years ago
- A library to manipulate physical memory from usermode.☆303Sep 5, 2023Updated 2 years ago
- Kernel Hook X64☆26Oct 11, 2020Updated 5 years ago
- WoW64 -> x64☆18Oct 1, 2016Updated 9 years ago
- An example code of CiGetCertPublisherName☆17Mar 24, 2022Updated 3 years ago
- A modern c++ implementation of windows heavens gate☆245Sep 19, 2020Updated 5 years ago
- Hooking SSDT with Avast Internet Security Hypervisor☆115Apr 6, 2019Updated 6 years ago
- A reflexive driver loader to bypass Windows DSE (featuring a custom PE loader)☆44Sep 1, 2018Updated 7 years ago
- PsSetCreateProcessNotifyRoutine/Ex/Ex2 hook☆12May 30, 2024Updated last year
- x64 free protect Features 1.process/thread handle protect 2.anti taskmgr.exe 3.hide process 4.anti-debugger(user/kernel debugger)☆87Apr 3, 2019Updated 6 years ago
- The Network project is a C++ encapsulation of WinSock2 to form a lightweight network library; The Graphics project is a C++ encapsulation…☆13Oct 31, 2017Updated 8 years ago
- Invoke functions with a spoofed return address. For 32-bit Windows binaries. Supports __fastcall, __thiscall, __stdcall and __cdecl calli…☆175Feb 17, 2023Updated 3 years ago
- Turn off PatchGuard in real time for win7 (7600) ~ later☆1,037Apr 21, 2022Updated 3 years ago
- x64dbg plugin for simple spoofing of CPUID instruction behavior☆100Feb 19, 2023Updated 3 years ago
- ☆29Sep 18, 2015Updated 10 years ago