rokups / ReflectiveLdr
Position-idependent Windows DLL loader based on ReflectiveDLL project.
☆90Updated 5 years ago
Related projects: ⓘ
- Weaponizing Gigabyte driver for priv escalation and bypass PPL☆68Updated 5 years ago
- An example of how x64 kernel shellcode can dynamically find and use APIs☆103Updated 4 years ago
- Bypass UAC by abusing the Security Center CPL and hijacking a shell protocol handler☆26Updated 3 years ago
- APC DLL Injector with NtQueueApcThread and wake up thread support☆44Updated 7 years ago
- Shellcode to load an appended Dll☆89Updated 3 years ago
- NO WriteProcessMemory CreateRemoteThread APIs call shellcode injection☆27Updated 4 years ago
- c++ implementation of windows heavens gate☆54Updated 3 years ago
- A modified RunPE (process hollowing) technique avoiding the usage of SetThreadContext by appending a TLS section which calls the original…☆91Updated 4 years ago
- POC of PPID spoofing using NtCreateUserProcess with syscalls to create a suspended process and performing process injection by overwritti…☆38Updated 2 years ago
- ☆68Updated 11 months ago
- PoC for hiding PE exports☆65Updated 3 years ago
- A PoC designed to bypass all usermode hooks in a WoW64 environment.☆147Updated 4 years ago
- ☆44Updated this week
- Call 32bit NtDLL API directly from WoW64 Layer☆59Updated 3 years ago
- [UNOFFICIAL MIRROR] Automatic Win32 binary obfuscator☆45Updated 9 years ago
- Alternative Windows C runtime for minimal binary size☆34Updated 8 years ago
- A ready-made template for a project based on libpeconv.☆40Updated last year
- Clone running process with ZwCreateProcess☆58Updated 3 years ago
- ☆96Updated 2 years ago
- Hook all callbacks which are registered with LdrRegisterDllNotification☆79Updated last year
- Library for using direct system calls☆35Updated 4 years ago
- ☆110Updated this week
- ☆35Updated 5 years ago
- Collection of DLL function export forwards for DLL export function proxying☆88Updated last year
- Use NT Native Registry API to create a registry that normal user can not query.☆54Updated 6 years ago
- Windows Sandbox Framework☆35Updated 2 years ago
- A quick-and-dirty anti-hook library proof of concept.☆100Updated 6 years ago
- Windows PE - TLS (Thread Local Storage) Injector in C/C++☆102Updated 3 years ago
- Inject unsigned DLL into Protected Process Light (PPL)☆12Updated last year
- Lightweight Portable Executable parsing library and a demo peParser application.☆71Updated last year