reversinghub / hide-and-seek
PoC for hiding processes from Windows Task Manager by manipulating the graphic interface
☆40Updated 4 years ago
Related projects: ⓘ
- Process Hollowing demonstration & explanation☆31Updated 3 years ago
- 2022 Updated Kernelmode-Code☆29Updated 5 months ago
- Bypass UAC at any level by abusing the Task Scheduler and environment variables☆26Updated 3 years ago
- NT AUTHORITY\SYSTEM☆37Updated 4 years ago
- A multi-staged malware that contains a kernel mode rootkit and a remote system shell.☆65Updated 3 years ago
- ZwProcessHollowing is a x64 process hollowing project which uses direct systemcalls, dll unhooking and RC4 payload decryption☆79Updated last year
- kernel to user mode APC injector☆43Updated 2 years ago
- Dll injection through code page id modification in registry. Based on jonas lykk research☆116Updated last year
- A tool for detecting manual/direct syscalls in x86 and x64 processes using Nirvana Hooks.☆98Updated 2 years ago
- Listing UDP connections with remote address without sniffing.☆30Updated 11 months ago
- Inject shellcode to process using Windows NTAPI for bypassing EDRs and Antiviruses☆40Updated 3 years ago
- Simple PE Packer Which Encrypts .text Section☆45Updated 7 years ago
- An initial proof of concept of a bootkit based on Cr4sh's DMABackdoorBoot☆56Updated last year
- Weaponizing Gigabyte driver for priv escalation and bypass PPL☆68Updated 5 years ago
- Recreating and reviewing the Windows persistence methods☆39Updated 2 years ago
- A modified RunPE (process hollowing) technique avoiding the usage of SetThreadContext by appending a TLS section which calls the original…☆91Updated 4 years ago
- Variety of different process injections implemented in C++☆21Updated 3 years ago
- Bypass UAC by abusing the Internet Explorer Add-on installer☆50Updated 3 years ago
- Collection of source code for Polymorphic, Metamorphic, and Permutation Engines used in Malware☆23Updated 4 years ago
- Bypass UAC by abusing the Windows Defender Firewall Control Panel, environment variables, and shell protocol handlers☆16Updated 3 years ago
- A Bumblebee-inspired Crypter☆79Updated last year
- APC DLL Injector with NtQueueApcThread and wake up thread support☆44Updated 7 years ago
- Next gen process injection technique☆41Updated 4 years ago
- Fud Runpe Av Evasion / All Av Bypass☆31Updated last year
- Header only library for obfuscation import winapi functions.☆31Updated 3 years ago
- Enabled / Disable LSA Protection via BYOVD☆61Updated 2 years ago
- With this RunPE you can easily inject your payload in any x86 or x64 program.☆13Updated 5 years ago
- NO WriteProcessMemory CreateRemoteThread APIs call shellcode injection☆27Updated 4 years ago
- arbitrary kernel read/write in dbutil_2_3.sys, Proof of Concept Local Privilege Escalation to nt authority/system☆52Updated 2 years ago
- 💻 Windows 10 Kernel-mode rootkit☆30Updated 2 years ago