Tiny driver patch to allow kernel callbacks to work on Win10 21h1
☆34 Feb 7, 2022 Updated 4 years ago
Alternatives and similar repositories for TelemetrySourcerer-patched
Users that are interested in TelemetrySourcerer-patched are comparing it to the libraries listed below
- Hook NtDeviceIoControlFile with PatchGuard ☆107 May 10, 2022 Updated 3 years ago
- Dump PDB Symbols including support for Bochs Debugging Format (with wine support) ☆14 Aug 11, 2023 Updated 2 years ago
- Hijack Printconfig.dll to execute shellcode ☆101 Jan 15, 2021 Updated 5 years ago
- Open-source EDR kernel-component for system monitoring and DLL injection ☆33 Nov 14, 2020 Updated 5 years ago
- A quick treatment of the autochk.sys rootkit ☆73 Mar 7, 2023 Updated 3 years ago
- DWM desktop drawing without ring-3 hooks ☆83 Dec 9, 2021 Updated 4 years ago
- A PoC to demo modifying cmdline of the child process dynamically. It might be useful against process log tracing, AV or EDR. ☆41 Dec 31, 2020 Updated 5 years ago
- x64HOOK library ☆18 Jan 14, 2020 Updated 6 years ago
- Open Anti Cheat ☆27 Jul 16, 2022 Updated 3 years ago
- Detect removed thread from PspCidTable. ☆75 Mar 18, 2022 Updated 4 years ago
- Easily hook WIN32 x64 functions ☆18 Feb 19, 2025 Updated last year
- ☆119 Aug 7, 2022 Updated 3 years ago
- Monitor ETW events for Windows process mitigation policies, with stack traces ☆31 Oct 7, 2022 Updated 3 years ago
- Kernel DLL Injector using NX Bit Swapping and VAD hide for hiding injected DLL ☆219 Nov 12, 2020 Updated 5 years ago
- ☆12 Oct 12, 2021 Updated 4 years ago
- Some source code to demonstrate avoiding certain direct syscall detections by locating and JMPing to a legitimate syscall instruction wit… ☆218 Feb 20, 2023 Updated 3 years ago
- VisualStudio port of https://github.com/guervild/BOFs/tree/dev/SilentLsassDump ☆24 Jul 6, 2023 Updated 2 years ago
- Unhooks Bit Defender from NTDLL and KERNELBASE using a classic technique. ☆57 Jun 23, 2023 Updated 2 years ago
- Discarded Section Manual Map ☆70 Jun 18, 2020 Updated 5 years ago
- Rootkit & Anti-rootkit ☆41 Jan 27, 2024 Updated 2 years ago
- Detect-KeAttachProcess by iterating through all processes as well as checking the context of the thread. ☆121 Feb 8, 2022 Updated 4 years ago
- ☆48 Feb 3, 2025 Updated last year
- You shall pass ☆270 Jul 16, 2022 Updated 3 years ago
- Analyze Windows x64 Kernel Memory Layout ☆130 Nov 19, 2020 Updated 5 years ago
- ☆163 Oct 29, 2020 Updated 5 years ago
- ☆82 Dec 24, 2021 Updated 4 years ago
- Framework for Adversarial Malware Evaluation. ☆35 Mar 31, 2025 Updated 11 months ago
- Simple PE64 parser in Rust. ☆13 Jul 4, 2019 Updated 6 years ago
- Process hiding library ☆19 Feb 23, 2020 Updated 6 years ago
- ☆41 Mar 23, 2023 Updated 3 years ago
- Less sugar (entropy) for your binaries ☆33 Sep 10, 2025 Updated 6 months ago
- A repository filled with ideas to break/detect direct syscall techniques ☆26 Apr 21, 2022 Updated 3 years ago
- PsSetCreateProcessNotifyRoutine/Ex/Ex2 hook ☆13 May 30, 2024 Updated last year
- Attempt to use WFP for proxy interception ☆10 Jan 13, 2019 Updated 7 years ago
- ☆15 Oct 7, 2020 Updated 5 years ago
- c++ implementation of windows heavens gate ☆71 Feb 12, 2021 Updated 5 years ago
- ☆82 Feb 12, 2022 Updated 4 years ago
- map driver to memory ☆26 Aug 26, 2018 Updated 7 years ago
- A kernel mode Windows rootkit in development. ☆49 Dec 31, 2021 Updated 4 years ago