Process Creation, Image Load and Thread Creation Notification
☆13Sep 15, 2023Updated 2 years ago
Alternatives and similar repositories for Captain
Users that are interested in Captain are comparing it to the libraries listed below
- Linux Malware creator to attack Windows System via Reverse Shell with FindWindow Process Code Injection☆19Mar 18, 2023Updated 2 years ago
- ☆23Jul 24, 2023Updated 2 years ago
- ATHERCRC32 Provide developers with a complete framework for using CRC32 in functions/classes in memory, and protecting your software agai…☆15Jan 29, 2021Updated 5 years ago
- Handle access elevation by DKOM☆12Sep 29, 2022Updated 3 years ago
- A simple example how to decrypt kernel debugger data block☆32Feb 8, 2021Updated 5 years ago
- Inject dll to process in driver☆10Aug 27, 2024Updated last year
- VEH debug plugin☆13Apr 28, 2022Updated 3 years ago
- Windows user mini-dump helper library to extract data from it.☆13May 17, 2025Updated 9 months ago
- This is the PoC of a dynamic lifter and deobfuscator with collecting trace.☆37Oct 11, 2023Updated 2 years ago
- Windows kernel driver template for cmkr and llvm-msvc.☆35Dec 20, 2023Updated 2 years ago
- Looks for a vulnerable entry point to bypass BE Anti Cheat or other in Ring3☆19Feb 25, 2023Updated 3 years ago
- Learn cryptography by reinventing the wheel and by calling OpenSSL!!☆15Jan 28, 2023Updated 3 years ago
- Libraries written in inline assembly☆19Aug 7, 2023Updated 2 years ago
- Some drivers I've written while solving exercises from Practical Reverse Engineering☆15Jan 9, 2022Updated 4 years ago
- modern c++ wrapper around the microsoft portable executable file format☆36Nov 22, 2025Updated 3 months ago
- "Giant Hard" (a pun on Microsoft)☆17Oct 4, 2023Updated 2 years ago
- ☆17Apr 18, 2023Updated 2 years ago
- Procmonel is Procmon like monitoring system implemented using Microsoft WDK☆12Dec 25, 2019Updated 6 years ago
- Interprocess communication library, providing the ability to call functions from each other☆20Oct 3, 2019Updated 6 years ago
- Small class to parse debug info from PEs, download their respective PDBs from the Microsoft Public Symbol Server and calculate RVAs of fu…☆44Apr 1, 2023Updated 2 years ago
- Plugin for x64dbg to disable parallel loading of dependencies☆19Sep 3, 2022Updated 3 years ago
- SBLoader is a memory patcher to patch and execute the child process under the desired parent process.☆14Jun 25, 2022Updated 3 years ago
- Anti-Malware security solution for Windows environment.☆19Jul 10, 2021Updated 4 years ago
- Rootkit & Anti-rootkit☆42Jan 27, 2024Updated 2 years ago
- Tracing and parsing an executing binary file☆29Aug 7, 2015Updated 10 years ago
- Some examples of anti debug techniques used in malware or commercial products preventing analysts to debug code of app.☆22Apr 18, 2020Updated 5 years ago
- BITS Transfers Manager☆46May 18, 2025Updated 9 months ago
- Miscellaneous Code and Docs☆83Jul 12, 2025Updated 7 months ago
- A basic Secure Virtual Machine hypervisor☆27Feb 25, 2021Updated 5 years ago
- hooking KiUserApcDispatcher☆27Apr 3, 2017Updated 8 years ago
- devirtualization vmprotect☆65Mar 11, 2023Updated 2 years ago
- WTL helper library☆57Updated this week
- A DKOM rootkit that targets Windows x64 systems. The rootkit hooks and edits critical memory sections in order to hide different resources…☆18Jul 5, 2023Updated 2 years ago
- A windows userland executable monitor☆23Jul 30, 2020Updated 5 years ago
- Full reversing of the Microsoft Auxiliary Windows API Library and ported to C☆24Dec 17, 2024Updated last year
- ☆56Nov 21, 2022Updated 3 years ago
- Windows PDB parser for kernel-mode environment.☆107Jun 7, 2025Updated 8 months ago
- A simple password-based PE encryptor for Windows 32-bit executables.☆51Jan 9, 2025Updated last year
- Event Tracing for Windows tools and samples☆31Jan 20, 2025Updated last year