Hide executable memory
☆267 Apr 27, 2025 Updated 10 months ago
Alternatives and similar repositories for hide_execute_memory
Users that are interested in hide_execute_memory are comparing it to the libraries listed below
- Hide a specified window at the kernel level ☆323 Feb 9, 2022 Updated 4 years ago
- Inject shellcode into dwm.exe to capture the screen ☆362 Mar 22, 2022 Updated 3 years ago
- Windows X64 mode use seh in manual mapped dll or manual mapped sys ☆80 Oct 10, 2022 Updated 3 years ago
- Kernel dwm render ☆170 Oct 10, 2023 Updated 2 years ago
- ☆82 Dec 24, 2021 Updated 4 years ago
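- DWM desktop drawing without using ring-3 hooks ☆83 Dec 9, 2021 Updated 4 years ago
- Sandbox testing: code and conclusions from evaluating common sandboxes in China ☆107 Jul 3, 2021 Updated 4 years ago
- Enumerate processes and page directory base addresses from MmPfnData ☆208 Aug 18, 2023 Updated 2 years ago
- Research and remove various kernel callbacks, going further and further down the anti anti cheat road ☆182 Aug 26, 2022 Updated 3 years ago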
- Hide codes/data in the kernel address space. ☆188 May 8, 2021 Updated 4 years ago
- Kernel DLL Injector using NX Bit Swapping and VAD hide for hiding injected DLL ☆220 Nov 12, 2020 Updated 5 years ago
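- A shellcode in-memory loader implemented in Golang, implementing 3 ways of loading shellcode into memory: UUID loading, MAC loading and IPv4 loading; currently able to get past mainstream antivirus software (including Windows Defender) ☆253 Dec 16, 2021 Updated 4 years ago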
- ☆225 Mar 11, 2023 Updated 3 years ago
- Hook NtDeviceIoControlFile with PatchGuard ☆107 May 10, 2022 Updated 3 years ago
- Adds a user while bypassing AV (BypassAV) via reflective DLL injection, Win API, C#, and a low-level implementation of NetUserAdd, packaged as a Cobalt Strike plugin ☆344 Apr 10, 2022 Updated 3 years ago
- CS http Dynamic Encrypt Bridge. ☆47 Nov 12, 2021 Updated 4 years ago
- Shadow user cloning ☆233 Dec 30, 2021 Updated 4 years ago
- ☆144 Dec 10, 2022 Updated 3 years ago
- ☆193 May 1, 2023 Updated 2 years ago
- Kernel memory can be read symbolically in non-test mode. ☆109 Sep 1, 2022 Updated 3 years ago
- InfinityHookPro Win7 -> Win11 latest ☆553 Feb 7, 2023 Updated 3 years ago
- An information-gathering tool written in CSharp; currently supports password decryption for the Navicat, TeamView, Xshell and SecureCRT products ☆250 Aug 26, 2020 Updated 5 years ago
- A Windows kernel PDB parsing and downloading library that runs purely in kernel mode without any R3 programs. ☆177 Sep 13, 2024 Updated last year
- A framework for Windows kernel hooking ☆188 Apr 29, 2025 Updated 10 months ago
- ShotHv ☆155 Mar 8, 2022 Updated 4 years ago
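- Bypass AV user addition ☆169 Dec 30, 2021 Updated 4 years ago
- A hodgepodge of AV-evasion techniques --- even wild punches can't beat the old master ☆1,094 Mar 29, 2021 Updated 4 years ago
- A shellcode AV-evasion framework that bypasses ring 3 ☆574 Mar 19, 2021 Updated 5 years ago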
- Detect-KeAttachProcess by iterating through all processes as well as checking the context of the thread. ☆121 Feb 8, 2022 Updated 4 years ago
- Force-close 360; requires administrator privileges ☆170 Feb 6, 2022 Updated 4 years ago
- Shellcode generation framework ☆289 Mar 23, 2022 Updated 3 years ago
- ☆132 Sep 24, 2023 Updated 2 years ago
- Hiding the window from screenshots using the function win32kfull::GreProtectSpriteContent ☆638 Dec 26, 2024 Updated last year
- Example of reading process memory through kernel special APC ☆111 Apr 21, 2023 Updated 2 years ago
- Page fault hook use ept (Intel Virtualization Technology) ☆200 Oct 19, 2016 Updated 9 years ago
- The Kernel-Mode Winsock library, supporting TCP, UDP and Unix sockets (DGRAM and STREAM). ☆290 Jan 27, 2025 Updated last year
- Persistence by creating a service ☆108 Apr 26, 2021 Updated 4 years ago
- ☆74 Jul 23, 2021 Updated 4 years ago
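- A new approach to local privilege escalation that replaces PrintBug, mainly using interface functions in the MS-EFSR protocol; drawing on Potitpotam's use of the EFSR protocol, it implements a series of local privilege escalation methods. Drawing on the use of the EFSR protocol in Potitpotam, … ☆149 Mar 13, 2022 Updated 4 years ago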