A rust proof of concept to demonstrate registry overwriting via RegRestoreKey using the Offline Registry Library
☆24Nov 13, 2025Updated 4 months ago
Alternatives and similar repositories for Regstoration
Users that are interested in Regstoration are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- An example of an external LLVM plugin module transform pass for the latest versions.☆14Oct 21, 2025Updated 5 months ago
- ☆14Dec 26, 2024Updated last year
- Section-based payload obfuscation technique for x64☆64Aug 8, 2024Updated last year
- Slides for COM Hijacking AV/EDR Talk on 38c3☆75Jan 3, 2025Updated last year
- Mentally ill EtwTi parser☆69Jan 11, 2026Updated 2 months ago
- NordVPN Special Discount Offer • AdSave on top-rated NordVPN 1 or 2-year plans with secure browsing, privacy protection, and support for for all major platforms.
- Beacon Debugger☆55Oct 28, 2024Updated last year
- A synergized Visual Studio and Rust development environment☆19Jan 25, 2025Updated last year
- Dirty PoC on how to abuse S1's VEH for Vectored Syscalls and Local Execution☆44Oct 11, 2025Updated 5 months ago
- Help red teams find opsec processes during engagements☆42Dec 7, 2024Updated last year
- Dll injection through code page id modification in registry. Based on jonas lykk research☆17Jun 18, 2022Updated 3 years ago
- A tracker DLL which enables 'NTAPI->Syscall' tracking whenever it is loaded. It calls 'NtSetInformationProcess' API call with a callback …☆14Oct 21, 2024Updated last year
- ☆54Mar 26, 2025Updated last year
- System Call Integrity Layer - experimental security research☆25Jan 31, 2026Updated last month
- Enable EFS service as low priv user (PE & BOF)☆21Jul 6, 2025Updated 8 months ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- A small experiment on assigning a processes threads a specific CPU and then blocking it with a high priority thread☆32Sep 24, 2025Updated 6 months ago
- A Windows C++ OLE/COM Object explorer written in WTL.☆16Feb 28, 2025Updated last year
- A runtime for developing large-scale and complex shellcode.☆22Updated this week
- ☆17May 22, 2024Updated last year
- Parses cached certificate templates from a Windows Registry file and displays them in the same style as Certipy does☆95Jul 3, 2025Updated 8 months ago
- Proof-of-concept kernel driver that hijacks the Windows kernel extension table mechanism to preserve process notify callbacks even when a…☆95Jul 7, 2025Updated 8 months ago
- Community Eventing and Scripting examples☆19Aug 11, 2025Updated 7 months ago
- BadExclusionsNWBO is an evolution from BadExclusions to identify folder custom or undocumented exclusions on AV/EDR☆76Feb 9, 2024Updated 2 years ago
- This project hosts security advisories and their accompanying proof-of-concepts related to research conducted at Google which impact non-…☆17Sep 26, 2025Updated 6 months ago
- DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- Leveraging TPM2 TCG Logs (Measured Boot) to Detect UEFI Drivers and Pre-Boot Applications☆22Mar 28, 2025Updated 11 months ago
- A work-in-progress C++20/23 header-only maths library for game development, embedded, kernel and general-purpose that works in constant c…☆25Dec 6, 2022Updated 3 years ago
- a modified CONTEXT based ropchain to circumvent CFG-FindHiddenShellcode and EtwTi-FluctuationMonitor☆112Mar 25, 2024Updated 2 years ago
- A lightweight test harness designed to speed up shellcode development by providing an execution environment with integrated crash diagnos…☆43Jan 15, 2026Updated 2 months ago
- a demo module for the kaine agent to execute and inject assembly modules☆41Aug 28, 2024Updated last year
- early cascade injection PoC based on Outflanks blog post, in rust☆62Nov 8, 2024Updated last year
- Using DLL sideloading to hijack the exe main thread before starting it! 使用dll侧载在exe程序主线程启动之前劫持主线程。☆26Jul 25, 2025Updated 8 months ago
- From C, Rust or Zig to binary shellcode compiler based on Mingw gcc. It allows using Win32 APIs and standard libraries without any change…☆53Mar 16, 2026Updated last week
- LLVM plugin to transparently apply stack spoofing and indirect syscalls to Windows x64 native calls at compile time.☆324Jan 17, 2024Updated 2 years ago
- DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- Stack Spoofing with Synthetic frames based on the work of namazso, SilentMoonWalk, and VulcanRaven☆267Oct 16, 2024Updated last year
- https://github.com/janoglezcampos/c_syscalls with the ASM rewritten by myself for Visual Studio's Compiler.☆34Jun 23, 2024Updated last year
- BYOVD: Use 360 WFP driver to block EDR/XDR network connection.☆105Feb 10, 2026Updated last month
- Arbitrary command execution on Open Folder via .vscode/tasks.json☆33Jan 19, 2026Updated 2 months ago
- An alternative to the builtin clipboard feature in Cobalt Strike that adds the capability to enable/disable and dump the clipboard histor…☆103Jan 9, 2026Updated 2 months ago
- A Rust implementation of Internal-Monologue — retrieving NetNTLM hashes without touching LSASS, leveraging SSPI for NTLM negotiation and …☆191Apr 26, 2025Updated 11 months ago
- Python code to Serialize and Unserialize java binary serialization format.☆29Feb 27, 2026Updated last month