therealdreg / WinXPSP2.Cermalus
Malware WinXPSP2.Cermalus Windows Kernel Virus
☆16 · Updated last year
Alternatives and similar repositories for WinXPSP2.Cermalus:
Users that are interested in WinXPSP2.Cermalus are comparing it to the libraries listed below
- Simple PE packer with RtlCompressBuffer ☆21 · Updated 9 years ago
- Scanning and identifying XOR encrypted PE files in PE resources ☆27 · Updated 10 years ago
- The Grum Spam Bot ☆20 · Updated 10 years ago
- Proof of concept open source implementation of an UAC bypass exploit, based in 2 windows failures. ☆12 · Updated 4 years ago
- drvtriks kernel driver for Windows 7 SP1 and 8.1 x64, that tricks around in your system. ☆31 · Updated 7 years ago
- A demo implementation of a well-known technique used by some malware to evade userland hooking, using my library: libpeconv. ☆19 · Updated 7 years ago
- My collection of unpackers for malware packers/crypters ☆28 · Updated 7 years ago
- A collection of anti disassembly techniques ☆19 · Updated 7 years ago
- Public open-source code of malware NetTraveler (aka TravNet). ☆37 · Updated 9 years ago
- Bootkits Revisited ☆41 · Updated 10 years ago
- PoC for detecting and dumping process hollowing code injection ☆51 · Updated 6 years ago
- Simple tool for unpacking packed/protected malware executables. ☆32 · Updated 13 years ago
- PoC for detecting and dumping code injection (built and extended on UnRunPE) ☆56 · Updated 6 years ago
- x64dbg scripts for finding OEP of packers ☆14 · Updated 6 years ago
- (This is a fork used primarily to submit patches into upstream repository) RpcView is a free tool to explore and decompile Microsoft RPC … ☆19 · Updated last year
- Hidden kernel mode code execution for bypassing modern anti-rootkits. ☆83 · Updated 14 years ago
- Hooking functions with guard pages ☆9 · Updated 2 years ago
- DirectNtApi - simple method to make ntapi function call without importing or walking export table. Work under Windows 7, 8 and 10 ☆52 · Updated last year
- ☆22 · Updated 4 years ago
- Enter Product Key Volatile Environment LPE ☆12 · Updated 4 months ago
- Code Injector Using Code Caves ☆14 · Updated 9 years ago
- Bypass Antivm and Cuckoo Sandbox Techniques ☆12 · Updated 8 years ago
- Open and generic Anti-Anti Reversing Framework. Works in 32 and 64 bits. ☆64 · Updated 12 years ago
- ☆22 · Updated 4 years ago
- ☆45 · Updated 6 years ago
- User-mode process cross-checking utility intended to detect naive malware hiding itself by hooking IAT/EAT. ☆19 · Updated 9 years ago
- Decrement Windows Kernel for fun and profit ☆38 · Updated 7 years ago
- Obtain remote process cookies by performing a brute-force attack on ntdll.RtlDecodePointer using known pointer encodings. ☆22 · Updated 7 years ago
- A tool to help malware analysts tell that the sample is injecting code into other process. ☆77 · Updated 9 years ago
- Bootkit for Windows 7 ☆28 · Updated 10 years ago