roadwy / RecordLinks
☆16Updated 11 years ago
Alternatives and similar repositories for Record
Users that are interested in Record are comparing it to the libraries listed below
Sorting:
- automates exploits using ROP chains, using ntdll-scraper☆16Updated 3 years ago
- Self-Loading Registration Free COM Functions☆11Updated 5 years ago
- Resources from my journey into Windows binary exploitation☆22Updated 6 years ago
- Shellcode injection using debugging APIs☆19Updated 11 years ago
- Yet another Windows DLL injector.☆39Updated 3 years ago
- ☆20Updated 5 years ago
- Remote PE reflective injection with a simple reflective loader☆31Updated 5 years ago
- An example of PE hollowing injection technique☆23Updated 5 years ago
- Execute an arbitrary command within the context of another process☆20Updated 5 years ago
- A working version of this tutorial: https://docs.microsoft.com/en-us/windows/desktop/rpc/tutorial☆16Updated 5 years ago
- ☆31Updated 4 years ago
- Open-source EDR kernel-component for system monitoring and DLL injection☆31Updated 4 years ago
- Enumerate the DLLs/Modules using NtQueryVirtualMemory☆32Updated 9 years ago
- ☆19Updated 9 years ago
- The project was upgraded from https://coder.pub/ and supported VS2017. The original author wrote the detailed design ideas documentation…☆19Updated 7 years ago
- Example for PagedOut!☆24Updated 5 years ago
- ☆12Updated 5 years ago
- API hashing written in C to load APIs indirectly using CRC32 hashing☆14Updated 4 years ago
- A POC for Windows Extension Host hooking☆22Updated 5 years ago
- A demo implementation of a well-known technique used by some malware to evade userland hooking, using my library: libpeconv.☆19Updated 7 years ago
- Code Integrity Violation Spotter☆16Updated 11 months ago
- Headers for linking your software with ntdll.dll☆15Updated 4 years ago
- A PoC to demo modifying cmdline of the child process dynamically. It might be useful against process log tracing, AV or EDR.☆39Updated 4 years ago
- ☆33Updated 3 years ago
- Injects position-dependent code into a code cave in an executable file, and applies relocations.☆23Updated 2 years ago
- Windows x64 Process Scanner to detect application compatability shims☆37Updated 6 years ago
- A kernel mode Windows rootkit in development.☆48Updated 3 years ago
- Windows Application Loader Running *.Exe files in Memory against Scrylla☆21Updated 5 years ago
- Simple library to handle PE files loading, relocating, get/set data, ..., in addition to process handling☆33Updated 5 years ago
- ☆24Updated 3 years ago