pr0tean / TelemetrySourcerer-patched
Tiny driver patch to allow kernel callbacks to work on Win10 21h1
☆31Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for TelemetrySourcerer-patched
- Demo to show how write ALPC Client & Server using native Ntdll.dll syscalls.☆20Updated 2 years ago
- A kernel mode Windows rootkit in development.☆49Updated 2 years ago
- ☆22Updated last year
- A compact tool for detecting AV/EDR hooks in default Windows libraries.☆29Updated 2 years ago
- ☆98Updated 2 years ago
- ☆12Updated 2 years ago
- Dll injection through code page id modification in registry. Based on jonas lykk research☆117Updated last year
- Demonstrate calling a kernel function and handle process creation callback against HVCI☆48Updated last year
- POC of PPID spoofing using NtCreateUserProcess with syscalls to create a suspended process and performing process injection by overwritti…☆38Updated 3 years ago
- Enabled / Disable LSA Protection via BYOVD☆62Updated 2 years ago
- ☆15Updated 3 years ago
- APC DLL Injector with NtQueueApcThread and wake up thread support☆44Updated 7 years ago
- ☆37Updated last year
- Former Multi - Ring to Kernel To UserMode Transitional Shellcode For Remote Kernel Exploits☆28Updated 2 years ago
- ☆27Updated 2 years ago
- Subtract one PE file from another!☆19Updated 3 years ago
- Get your data from the resource section manually, with no need for windows apis☆53Updated last month
- Process Injection: APC Injection☆27Updated 3 years ago
- ☆27Updated 4 months ago
- XOrCryptEx lightweight C Utility/Algorithm☆11Updated 2 years ago
- A PoC tool for exploiting leaked process and thread handles☆30Updated 9 months ago
- Set the process mitigation policy for loading only Microsoft Modules , and block any userland 3rd party modules☆42Updated last year
- IAT-Obfuscation to make static analysis of executable harder.☆41Updated 3 years ago
- Six cases demonstrating methods of optimizing GetProcAddress☆17Updated 2 years ago
- ☆26Updated 2 years ago
- ☆37Updated 3 years ago