synacktiv / keebcapLinks
Win32 keylogger that supports all (non-ime using) languages correctly
☆50Updated last year
Alternatives and similar repositories for keebcap
Users that are interested in keebcap are comparing it to the libraries listed below
Sorting:
- Linker for Beacon Object Files☆116Updated this week
- ☆99Updated last year
- ☆61Updated last year
- Hooking KPRCB IdlePreselect function to gain execution inside PID 0.☆65Updated 2 months ago
- ForsHops☆53Updated 3 months ago
- ☆32Updated 6 months ago
- ☆86Updated 10 months ago
- shell code example☆49Updated last month
- Windows AppLocker Driver (appid.sys) LPE☆62Updated 10 months ago
- ☆62Updated 5 months ago
- Boilerplate to develop raw and truly Position Independent Code (PIC).☆51Updated 5 months ago
- I have documented all of the AMSI patches that I learned till now☆72Updated 2 months ago
- Interceptor is a kernel driver focused on tampering with EDR/AV solutions in kernel space☆123Updated 2 years ago
- Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.☆82Updated 4 months ago
- Splitting and executing shellcode across multiple pages☆103Updated 2 years ago
- ☆114Updated 2 years ago
- Slides for COM Hijacking AV/EDR Talk on 38c3☆74Updated 5 months ago
- Tool for playing with Windows Access Token manipulation.☆55Updated 2 years ago
- Simple POC library to execute arbitrary calls proxying them via NdrServerCall2 or similar☆130Updated 10 months ago
- A work in progress BOF/COFF loader in Rust☆50Updated 2 years ago
- Shellcode loader using direct syscalls via Hell's Gate and payload encryption.☆90Updated last year
- ☆136Updated 2 years ago
- Files for http://blog.deniable.org/posts/windows-callbacks/☆76Updated 3 years ago
- Malware?☆70Updated 8 months ago
- A reimplementation of Cobalt Strike's Beacon Object File (BOF) Loader☆50Updated last year
- ☆110Updated 5 months ago
- "Service-less" driver loading☆155Updated 6 months ago
- Safely manage the unloading of DLLs that have been hooked into a process. Context: https://github.com/KNSoft/KNSoft.SlimDetours/discussio…☆78Updated this week
- Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.☆61Updated last year
- Dirty PoC on how to abuse S1's VEH for Vectored Syscalls and Local Execution☆42Updated 11 months ago