sreeharshabandi / Captain
Process Creation, Image Load and Thread Creation Notification
☆10Updated last year
Related projects ⓘ
Alternatives and complementary repositories for Captain
- Windows driver template, using C++20 & cmake & GithubActions☆19Updated 3 months ago
- A driver to implement IOCTL hooking☆23Updated 2 years ago
- An example of how to use Microsoft Windows Warbird technology☆25Updated last year
- Proof-of-concept game using VBS enclaves to protect itself from cheating☆19Updated last week
- Signature scanner and API hooks to detect malicious process injection☆18Updated last year
- UnknownField is a tool based clang that obfuscating the order of fields to protect your C/C++ game or code.☆44Updated last year
- Some drivers I've written while solving exercises from Practical Reverse Engineering☆14Updated 2 years ago
- Bypassing kernel patch protection runtime☆19Updated last year
- EDR PoC WIP LLC☆10Updated 9 months ago
- WinXPSP2.Cermalus on stereoids, supporting all 32 bits Windows version. Windows Kernel Virus stuff for noobs☆16Updated last year
- A Windows API hooking library !☆30Updated 2 years ago
- Windows Minidump loader for Ghidra☆19Updated 2 years ago
- Helper Script to convert a Windbg dumped structure (using the 'dt' command) into a C structure. It creates dummy structs for you if neede…☆26Updated last year
- ☆29Updated 3 years ago
- ☆29Updated 2 years ago
- Simple library to handle PE files loading, relocating, get/set data, ..., in addition to process handling☆30Updated 5 years ago
- ☆15Updated last year
- Detects if a Kernel mode debugger is active by reading the value of KUSER_SHARED_DATA.KdDebuggerEnabled. It is a high level and portable …☆22Updated 7 years ago
- XOrCryptEx lightweight C Utility/Algorithm☆11Updated 2 years ago
- Sample for Creating a new kernel object type and supporting API☆22Updated 2 months ago
- Load Dll into Kernel space☆38Updated 2 years ago
- ☆16Updated 2 years ago
- Code Integrity Violation Spotter☆17Updated 5 months ago
- Anti-Analysis technique, trick the debugger by Hiding events from it.☆18Updated 3 years ago
- Yet another Windows DLL injector.☆38Updated 3 years ago
- ☆17Updated 3 years ago
- FastSymApi - A Fast API PDB Symbol Cache Server that efficiently caches and compresses PDBs on disk for quick and repeated retrieval.☆18Updated last month
- A packed & protected Module Loader and more, for 64-bit Windows☆28Updated 3 years ago
- ☆25Updated 3 years ago