隐藏可执行内存
☆267Apr 27, 2025Updated 10 months ago
Alternatives and similar repositories for hide_execute_memory
Users that are interested in hide_execute_memory are comparing it to the libraries listed below
Sorting:
- 内核级别隐藏指定窗口☆320Feb 9, 2022Updated 4 years ago
- ☆81Dec 24, 2021Updated 4 years ago
- 将shellcode注入dwm.exe以进行屏幕截取☆356Mar 22, 2022Updated 3 years ago
- 研究和移除各种内核回调,在anti anti cheat的路上越走越远☆183Aug 26, 2022Updated 3 years ago
- 沙箱测试,测评国内常见沙箱的代码与结论☆107Jul 3, 2021Updated 4 years ago
- 影子用户 克隆☆232Dec 30, 2021Updated 4 years ago
- 基于Golang实现的Shellcode内存加载器,共实现3中内存加载shellcode方式,UUID加载,MAC加载和IPv4加载,目前能过主流杀软(包括Windows Defender)☆253Dec 16, 2021Updated 4 years ago
- 不使用3环挂钩进行DWM桌面绘制☆82Dec 9, 2021Updated 4 years ago
- 通过反射DLL注入、Win API、C#、以及底层实现NetUserAdd方式实现BypassAV进行增加用户的功能,实现Cobalt Strike插件化☆344Apr 10, 2022Updated 3 years ago
- 绕3环的shellcode免杀框架☆574Mar 19, 2021Updated 4 years ago
- 免杀技术大杂烩---乱拳也打不死老师傅☆1,094Mar 29, 2021Updated 4 years ago
- Bypass AV 用户添加☆169Dec 30, 2021Updated 4 years ago
- Kernel dwm render☆168Oct 10, 2023Updated 2 years ago
- Kernel DLL Injector using NX Bit Swapping and VAD hide for hiding injected DLL☆219Nov 12, 2020Updated 5 years ago
- Windows X64 mode use seh in manual mapped dll or manual mapped sys☆80Oct 10, 2022Updated 3 years ago
- 用CSharp写的一款信息搜集工具,目前支持Navicat、TeamView、Xshell、SecureCRT产品的密码解密☆251Aug 26, 2020Updated 5 years ago
- Code for Battleyes shellcode☆239Nov 11, 2021Updated 4 years ago
- Hook NtDeviceIoControlFile with PatchGuard☆107May 10, 2022Updated 3 years ago
- ☆74Jul 23, 2021Updated 4 years ago
- Page fault hook use ept (Intel Virtualization Technology)☆200Oct 19, 2016Updated 9 years ago
- 40行代码检测到大部分CobaltStrike的shellcode☆294Jul 25, 2021Updated 4 years ago
- Hide codes/data in the kernel address space.☆188May 8, 2021Updated 4 years ago
- 可在非测试模式下符号化读取内核内存。Kernel memory can be read symbolically in non test mode。☆109Sep 1, 2022Updated 3 years ago
- 创建服务持久化☆108Apr 26, 2021Updated 4 years ago
- 从MmPfnData中枚举进程和页目录基址☆205Aug 18, 2023Updated 2 years ago
- InfinityHookPro Win7 -> Win11 latest☆551Feb 7, 2023Updated 3 years ago
- 替代PrintBug用于本地提权的新方式,主要利用MS-EFSR协议中的接口函数 借鉴了Potitpotam中对于EFSR协议的利用,实现了本地提权的一系列方式 Drawing on the use of the EFSR protocol in Potitpotam, …☆149Mar 13, 2022Updated 3 years ago
- ShotHv☆154Mar 8, 2022Updated 3 years ago
- 利用NTLM Hash读取Exchange邮件☆441Jan 7, 2025Updated last year
- 强制关闭360 需要管理员权限☆171Feb 6, 2022Updated 4 years ago
- 利用物理内存映射,实现虚拟内存的伪隐藏☆86Sep 15, 2022Updated 3 years ago
- Load CLR to get RWX 通过加载clr在自身内存中产生rwx空间☆22Sep 28, 2022Updated 3 years ago
- 防火墙出网探测工具,内网穿透型socks5代理☆269Nov 12, 2021Updated 4 years ago
- UAC bypass for x64 Windows 7 - 11(无弹窗版)☆281Sep 5, 2022Updated 3 years ago
- Detect-KeAttachProcess by iterating through all processes as well as checking the context of the thread.☆121Feb 8, 2022Updated 4 years ago
- CS http Dynamic Encrypt Bridge.☆47Nov 12, 2021Updated 4 years ago
- dump lsass进程工具☆561Jul 20, 2023Updated 2 years ago
- CobaltStrike Beacon written in .Net 4 用.net重写了stager及Beacon,其中包括正常上线、文件管理、进程管理、令牌管理、结合SysCall进行注入、原生端口转发、关ETW等一系列功能☆731Sep 1, 2021Updated 4 years ago
- ☆223Mar 11, 2023Updated 2 years ago