redplait / pexphide
PoC for hiding PE exports
☆65Updated 3 years ago
Related projects ⓘ
Alternatives and complementary repositories for pexphide
- An example of how x64 kernel shellcode can dynamically find and use APIs☆103Updated 4 years ago
- A repository where I share my injection implemintations☆29Updated 4 years ago
- Bypass UAC by abusing the Security Center CPL and hijacking a shell protocol handler☆26Updated 3 years ago
- A ready-made template for a project based on libpeconv.☆41Updated last month
- ☆57Updated 2 years ago
- Retrieve pointers to undocumented kernel functions and offsets to members within undocumented structures to use in your driver by using t…☆53Updated 5 years ago
- Clone running process with ZwCreateProcess☆58Updated 4 years ago
- Command like tool to print mitigation flags for running processes in a memory dump☆44Updated 4 years ago
- Sysmon shenanigans☆65Updated 4 years ago
- File system minifilter driver for Windows to block symbolic link attacks.☆51Updated 3 years ago
- ☆35Updated 5 years ago
- ☆66Updated 3 years ago
- ☆22Updated 4 years ago
- arbitrary kernel read/write in dbutil_2_3.sys, Proof of Concept Local Privilege Escalation to nt authority/system☆53Updated 3 years ago
- ☆31Updated 4 years ago
- ☆44Updated 4 years ago
- Hooking the GDT - Installing a Call Gate. POC for Rootkit Arsenal Book Second Edition (version 2022)☆69Updated last year
- An automatic tool for fixing dumped PE files☆41Updated 4 years ago
- ☆29Updated 2 years ago
- ☆17Updated 3 years ago
- Windows kernel PDB data parsed into YAML☆31Updated last week
- This is a simple driver with x64 inline assembly☆53Updated 4 years ago
- APC DLL Injector with NtQueueApcThread and wake up thread support☆44Updated 7 years ago
- Recreating and reviewing the Windows persistence methods☆39Updated 3 years ago
- Resolve DOS MZ executable symbols at runtime☆93Updated 3 years ago
- Blog posts☆30Updated 4 years ago
- ☆19Updated 4 years ago
- Example for PagedOut!☆24Updated 5 years ago