rbmm / remap

Related projects ⓘ

Alternatives and complementary repositories for remap

• zodiacon / VerifierDLL
  Example of building an application verifer DLL
  ☆45Updated 5 months ago
• rbmm / TPM
  Easy encrypt/decrypt data with TPM
  ☆24Updated 8 months ago
• rbmm / RtlClone
  ☆27Updated 4 months ago
• zodiacon / NativePowers
  Native Powers Talk demos
  ☆14Updated last year
• DownWithUp / WarbirdExamples
  An example of how to use Microsoft Windows Warbird technology
  ☆25Updated last year
• oldboy21 / SWAPPALA
  In-memory hiding technique
  ☆43Updated 5 months ago
• jsecurity101 / MSFT_DriverBlockList
  Repository of Microsoft Driver Block Lists based off of OS-builds
  ☆38Updated 6 months ago
• 0xMegaByte / COM-Explained
  ☆27Updated 2 years ago
• alfarom256 / MinifilterResearch
  ☆16Updated 2 years ago
• jbaines-r7 / dellicious
  Enabled / Disable LSA Protection via BYOVD
  ☆62Updated 2 years ago
• RobinFassinaMoschiniForks / TransitionalPeriod
  Former Multi - Ring to Kernel To UserMode Transitional Shellcode For Remote Kernel Exploits
  ☆28Updated 2 years ago
• 0mWindyBug / WFPCalloutReserach
  research revolving the windows filtering platform callout mechanism
  ☆20Updated 5 months ago
• rbmm / LIB
  ☆8Updated this week
• rbmm / LdrpKernel32DllName
  ☆84Updated 5 months ago
• ch3rn0byl / Gremlins
  ☆13Updated last year
• zodiacon / MalDevWorkshopWebinar
  Demo from the Malware Analysis and Development Webinar
  ☆19Updated 6 months ago
• ph4s3tw0 / GetProcAddressCaseStudies
  Six cases demonstrating methods of optimizing GetProcAddress
  ☆17Updated 2 years ago
• therealdreg / dregate
  call gates as stable comunication channel for NT x86 and Linux x86_64
  ☆30Updated last year
• rbmm / DirectSysCall
  ☆12Updated last year
• oberrich / phnt-rs
  Rust bindings to the System Informer's (formerly known as Process Hacker) "phnt" native Windows headers
  ☆38Updated last month
• bluefrostsecurity / Windows-Drive-Remapping-EoP
  ☆27Updated 11 months ago
• SaadAhla / BlockNonMSModules
  Set the process mitigation policy for loading only Microsoft Modules , and block any userland 3rd party modules
  ☆42Updated last year
• RATandC2 / FilelessNtdllReflection
  Bypass Userland EDR hooks by Loading Reflective Ntdll in memory from a remote server based on Windows ReleaseID to avoid opening a handle…
  ☆15Updated last year
• un4ckn0wl3z / PCIE-Detector
  Sample/PoC Windows kernel driver for detect DMA devices by using Vendor ID and Device ID signatures
  ☆30Updated last month
• gabriellandau / ShadowStackWalk
  Finding Truth in the Shadows
  ☆84Updated last year
• Flerov / EAKC-EnumAllKernelCallbacks
  Enumerate Callbacks and all Object Types
  ☆13Updated last year
• 1027565 / InstrumentationCallbacks
  A native Windows library for intercepting kernel-to-user transitions using instrumentation callbacks
  ☆16Updated 9 months ago
• matterpreter / cpuid
  A class to emulate the behavior of NtQuerySystemInformation when passed the SystemHypervisorDetailInformation information class
  ☆24Updated last year
• Hagrid29 / herpaderply_hollowing
  Herpaderply Hollowing - a PE injection technique, hybrid between Process Hollowing and Process Herpaderping
  ☆45Updated 2 years ago
• 0mWindyBug / MinifilterHook
  silence file system monitoring components by hooking their minifilters
  ☆51Updated 9 months ago