nqntmqmqmb / pePolymorpher
A tool implementing process hollowing making your PE polymorphic
☆15Updated 4 years ago
Related projects: ⓘ
- Fud Runpe Av Evasion / All Av Bypass☆31Updated last year
- Unhook DLL via cleaning the DLL 's .text section☆9Updated 3 years ago
- Extracting Syscall Stub, Modernized☆60Updated 2 years ago
- ZwProcessHollowing is a x64 process hollowing project which uses direct systemcalls, dll unhooking and RC4 payload decryption☆79Updated last year
- Akame is an open-source, UD shellcode loader written in C++17.☆19Updated 2 months ago
- Unhooks Bit Defender from NTDLL and KERNELBASE using a classic technique.☆52Updated last year
- A string obfuscator for .NET apps, built to evade static string analysis.☆99Updated last year
- Bypassing windows uac, however its an old approach/method but its still unpatched ¯\_(ツ)_/¯☆41Updated 2 years ago
- A Bumblebee-inspired Crypter☆79Updated last year
- An initial proof of concept of a bootkit based on Cr4sh's DMABackdoorBoot☆56Updated last year
- ☆15Updated 2 years ago
- Process Hollowing demonstration & explanation☆31Updated 3 years ago
- a stage1 DLL loader with sleep obfuscation☆32Updated last year
- Halos Gate-based NTAPI Unhooker☆49Updated 2 years ago
- Bypass UAC at any level by abusing the Task Scheduler and environment variables☆26Updated 3 years ago
- Bypass UAC by abusing the Internet Explorer Add-on installer☆50Updated 3 years ago
- A small shellcode loader library written in C#☆44Updated 2 years ago
- abusing Process Hacker driver to terminate other processes (BYOVD)☆81Updated last year
- ☆12Updated this week
- ☆35Updated last year
- ☆27Updated this week
- Next gen process injection technique☆41Updated 4 years ago
- A proof of concept I developed to improve Gargoyle back in 2018 to achieve true memory obfuscation from position independent code☆33Updated last week
- 💻 Windows 10 Kernel-mode rootkit☆30Updated 2 years ago
- XssBot-Модульный резидентный бот с супер админкой☆12Updated last year
- Dll injection through code page id modification in registry. Based on jonas lykk research☆116Updated last year
- A rework of CMLuaUtil AutoElevated☆23Updated last year
- Криптор на шелл-кодах☆11Updated 4 years ago
- ☆34Updated this week
- Recreating and reviewing the Windows persistence methods☆39Updated 2 years ago