red4000 / ZMIST

Related projects ⓘ

Alternatives and complementary repositories for ZMIST

• yardenshafir / cet-research
  A collection of tools, source code, and papers researching Windows' implementation of CET.
  ☆74Updated 4 years ago
• Microwave89 / createuserprocess
  Three Tiny Examples of Directly Using Vista's NtCreateUserProcess
  ☆85Updated 9 years ago
• hMihaiDavid / addscn
  Add an empty section to a PE file
  ☆49Updated 7 years ago
• h4xu3lyn / NTLib
  Headers for linking your software with ntdll.dll
  ☆15Updated 4 years ago
• 0vercl0k / sic
  Enumerate user mode shared memory mappings on Windows.
  ☆114Updated 3 years ago
• therealdreg / cgaty
  Hooking the GDT - Installing a Call Gate. POC for Rootkit Arsenal Book Second Edition (version 2022)
  ☆69Updated last year
• Fyyre / directntapi
  DirectNtApi - simple method to make ntapi function call without importing or walking export table. Work under Windows 7, 8 and 10
  ☆52Updated 8 months ago
• jeperez / WinREPL
  x86 and x64 assembly "read-eval-print loop" for Windows
  ☆25Updated 7 years ago
• hasherezade / pe_utils
  A set of small utilities, helpers for PIN tracers
  ☆31Updated last year
• hasherezade / paramkit
  A small library helping to parse commandline parameters (for C/C++)
  ☆53Updated last year
• hfiref0x / Misc
  Miscellaneous Code and Docs
  ☆77Updated 11 months ago
• DownWithUp / DynamicKernelShellcode
  An example of how x64 kernel shellcode can dynamically find and use APIs
  ☆103Updated 4 years ago
• andrew-boyarshin / LoaderWatch
  Windows 10 PE image loader (LDR) NTDLL component toolbox
  ☆41Updated 5 years ago
• jackullrich / TRunPE
  A modified RunPE (process hollowing) technique avoiding the usage of SetThreadContext by appending a TLS section which calls the original…
  ☆92Updated 5 years ago
• therealdreg / windbgtocstruct
  Helper Script to convert a Windbg dumped structure (using the 'dt' command) into a C structure. It creates dummy structs for you if neede…
  ☆26Updated last year
• Jb05s / Exploit-Dev-C
  ☆22Updated 4 years ago
• hasherezade / pin_n_sieve
  An experimental dynamic malware unpacker based on Intel Pin and PE-sieve
  ☆57Updated 2 months ago
• kkent030315 / NtSymbol
  Resolve DOS MZ executable symbols at runtime
  ☆93Updated 3 years ago
• SouhailHammou / KernelSymbolsHelper
  Retrieve pointers to undocumented kernel functions and offsets to members within undocumented structures to use in your driver by using t…
  ☆53Updated 5 years ago
• mathisvickie / CVE-2021-21551
  arbitrary kernel read/write in dbutil_2_3.sys, Proof of Concept Local Privilege Escalation to nt authority/system
  ☆53Updated 2 years ago
• hasherezade / libpeconv_tpl
  A ready-made template for a project based on libpeconv.
  ☆41Updated 3 weeks ago
• ajkhoury / Windbg2Struct
  Takes a Windbg dumped structure (using the 'dt' command) and formats it into a C structure
  ☆33Updated 4 months ago
• redplait / pexphide
  PoC for hiding PE exports
  ☆65Updated 3 years ago
• arizvisa / ndk
  A local copy of Alex Ionescu's seemingly abandoned native-nt-toolkit project containing knowledge inherited from the ReactOS project.
  ☆53Updated 5 years ago
• aaaddress1 / wow64Jit
  Call 32bit NtDLL API directly from WoW64 Layer
  ☆60Updated 3 years ago
• wbenny / EtwConsumerNT
  Simple project that demonstrates how an ETW consumer can be created just by using NTDLL
  ☆134Updated 5 years ago
• bi-zone / rdtsc-checkvirt-poc
  Virtualization detection through speculative execution PoCs and papers
  ☆67Updated 6 years ago
• ionescu007 / hazmat5
  Local OXID Resolver (LCLOR) : Research and Tooling
  ☆33Updated 3 years ago
• ytk2128 / pe32-password
  Sample project that encrypts windows 32-bit executables with password
  ☆52Updated 2 years ago
• OsandaMalith / ApiMon
  A simple API monitor for Windbg
  ☆62Updated 7 years ago