synacktiv / keebcap
Win32 keylogger that supports all (non-IME-using) languages correctly
☆49 Updated last year
Alternatives and similar repositories for keebcap:
Users that are interested in keebcap are comparing it to the libraries listed below
- An example reference design for a proposed BOF PE ☆126 Updated last month
- Splitting and executing shellcode across multiple pages ☆100 Updated last year
- Exploiting the KsecDD Windows driver through Server Silos ☆50 Updated 4 months ago
- stack spoofing ☆80 Updated 4 months ago
- ☆98 Updated last year
- ☆133 Updated last year
- Slides for COM Hijacking AV/EDR Talk on 38c3 ☆72 Updated 2 months ago
- ☆85 Updated 7 months ago
- shell code example ☆33 Updated last week
- Simple POC library to execute arbitrary calls proxying them via NdrServerCall2 or similar ☆129 Updated 7 months ago
- Reimplementation of the KExecDD DSE bypass technique. ☆46 Updated 6 months ago
- ☆112 Updated 2 years ago
- Rusty Hell's Gate / Halo's Gate / Tartarus' Gate / FreshyCalls / Syswhispers2 Library ☆27 Updated 2 years ago
- ☆25 Updated 3 months ago
- Template-based generation of shellcode loaders ☆76 Updated 11 months ago
- ☆61 Updated 9 months ago
- Indirect Syscall implementation to bypass userland NTAPIs hooking. ☆73 Updated 7 months ago
- ☆42 Updated 2 years ago
- ☆96 Updated 2 months ago
- A 64-bit, position-independent code reverse TCP shell for Windows — built in Rust. ☆60 Updated 2 months ago
- Files for http://blog.deniable.org/posts/windows-callbacks/ ☆71 Updated 3 years ago
- LKM rootkit for modern kernels, with DNS C2 and a simple web interface ☆64 Updated 2 weeks ago
- ☆52 Updated 2 months ago
- TypeLib persistence technique ☆108 Updated 5 months ago
- a modified CONTEXT based ropchain to circumvent CFG-FindHiddenShellcode and EtwTi-FluctuationMonitor ☆93 Updated last year
- I have documented all of the AMSI patches that I learned till now ☆74 Updated last year
- A C++ PoC implementation for enumerating Windows Fibers directly from memory ☆17 Updated 10 months ago
- Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1. ☆72 Updated last month
- ☆29 Updated 3 months ago
- Malware? ☆69 Updated 5 months ago