A Rust proof of concept to demonstrate registry overwriting via RegRestoreKey using the Offline Registry Library
☆24 · Nov 13, 2025 · Updated 5 months ago
Alternatives and similar repositories for Regstoration
Users that are interested in Regstoration are comparing it to the libraries listed below.
- An example of an external LLVM plugin module transform pass for the latest versions. ☆15 · Oct 21, 2025 · Updated 5 months ago
- ☆13 · Dec 26, 2024 · Updated last year
- Section-based payload obfuscation technique for x64 ☆64 · Aug 8, 2024 · Updated last year
- Slides for COM Hijacking AV/EDR Talk on 38c3 ☆75 · Jan 3, 2025 · Updated last year
- Mentally ill EtwTi parser ☆69 · Jan 11, 2026 · Updated 3 months ago
- Beacon Debugger ☆55 · Oct 28, 2024 · Updated last year
- A synergized Visual Studio and Rust development environment ☆19 · Jan 25, 2025 · Updated last year
- Dirty PoC on how to abuse S1's VEH for Vectored Syscalls and Local Execution ☆44 · Oct 11, 2025 · Updated 6 months ago
- Help red teams find opsec processes during engagements ☆43 · Dec 7, 2024 · Updated last year
- A tracker DLL which enables 'NTAPI->Syscall' tracking whenever it is loaded. It calls 'NtSetInformationProcess' API call with a callback … ☆14 · Oct 21, 2024 · Updated last year
- Dll injection through code page id modification in registry. Based on jonas lykk research ☆16 · Jun 18, 2022 · Updated 3 years ago
- ☆54 · Mar 26, 2025 · Updated last year
- System Call Integrity Layer - experimental security research ☆25 · Updated this week
- Enable EFS service as low priv user (PE & BOF) ☆21 · Jul 6, 2025 · Updated 9 months ago
- A small experiment on assigning a process's threads a specific CPU and then blocking it with a high priority thread ☆32 · Sep 24, 2025 · Updated 6 months ago
- A Windows C++ OLE/COM Object explorer written in WTL. ☆16 · Feb 28, 2025 · Updated last year
- A runtime for developing large-scale and complex shellcode. ☆22 · Mar 31, 2026 · Updated 2 weeks ago
- ☆17 · May 22, 2024 · Updated last year
- Parses cached certificate templates from a Windows Registry file and displays them in the same style as Certipy does ☆95 · Jul 3, 2025 · Updated 9 months ago
- Proof-of-concept kernel driver that hijacks the Windows kernel extension table mechanism to preserve process notify callbacks even when a… ☆94 · Jul 7, 2025 · Updated 9 months ago
- Community Eventing and Scripting examples ☆19 · Aug 11, 2025 · Updated 8 months ago
- BadExclusionsNWBO is an evolution from BadExclusions to identify folder custom or undocumented exclusions on AV/EDR ☆76 · Feb 9, 2024 · Updated 2 years ago
- This project hosts security advisories and their accompanying proof-of-concepts related to research conducted at Google which impact non-… ☆17 · Sep 26, 2025 · Updated 6 months ago
- A work-in-progress C++20/23 header-only maths library for game development, embedded, kernel and general-purpose that works in constant c… ☆25 · Dec 6, 2022 · Updated 3 years ago
- Leveraging TPM2 TCG Logs (Measured Boot) to Detect UEFI Drivers and Pre-Boot Applications ☆22 · Mar 28, 2025 · Updated last year
- a modified CONTEXT based ropchain to circumvent CFG-FindHiddenShellcode and EtwTi-FluctuationMonitor ☆110 · Mar 25, 2024 · Updated 2 years ago
- A lightweight test harness designed to speed up shellcode development by providing an execution environment with integrated crash diagnos… ☆43 · Jan 15, 2026 · Updated 3 months ago
- a demo module for the kaine agent to execute and inject assembly modules ☆41 · Aug 28, 2024 · Updated last year
- early cascade injection PoC based on Outflank's blog post, in rust ☆62 · Nov 8, 2024 · Updated last year
- Using DLL sideloading to hijack the exe main thread before starting it! ☆27 · Jul 25, 2025 · Updated 8 months ago
- From C, Rust or Zig to binary shellcode compiler based on Mingw gcc. It allows using Win32 APIs and standard libraries without any change… ☆53 · Mar 16, 2026 · Updated last month
- LLVM plugin to transparently apply stack spoofing and indirect syscalls to Windows x64 native calls at compile time. ☆326 · Jan 17, 2024 · Updated 2 years ago
- Stack Spoofing with Synthetic frames based on the work of namazso, SilentMoonWalk, and VulcanRaven ☆267 · Oct 16, 2024 · Updated last year
- https://github.com/janoglezcampos/c_syscalls with the ASM rewritten by myself for Visual Studio's Compiler. ☆34 · Jun 23, 2024 · Updated last year
- BYOVD: Use 360 WFP driver to block EDR/XDR network connection. ☆117 · Feb 10, 2026 · Updated 2 months ago
- An alternative to the builtin clipboard feature in Cobalt Strike that adds the capability to enable/disable and dump the clipboard histor… ☆104 · Jan 9, 2026 · Updated 3 months ago
- A Rust implementation of Internal-Monologue — retrieving NetNTLM hashes without touching LSASS, leveraging SSPI for NTLM negotiation and … ☆192 · Apr 26, 2025 · Updated 11 months ago
- Python code to Serialize and Unserialize java binary serialization format. ☆29 · Feb 27, 2026 · Updated last month
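- TL-NodeJsShell is a comprehensive WebShell management platform designed for security professionals and penetration testers. It provides a modern web interface for managing Node.js-based shells, with advanced features such as memory-shell injection, command execution, file management, and proxy support. ☆82 · Dec 12, 2025 · Updated 4 months ago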