tinysec/runwithdll

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/tinysec/runwithdll)

tinysec / runwithdll

windows create process with a dll load first time via LdrHook

☆31

Alternatives and similar repositories for runwithdll

Users that are interested in runwithdll are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

Sorting:

lj1987new / guardlite
View on GitHub
Automatically exported from code.google.com/p/guardlite
☆11Jul 2, 2015Updated 10 years ago
keyboardsmoke / global-hook
View on GitHub
Trying for all arch detour stuff now
☆11Feb 10, 2017Updated 9 years ago
louk78 / Virgo
View on GitHub
Minifilter Driver
☆15Feb 10, 2017Updated 9 years ago
zer0mem / HowToBoostPatchGuard
View on GitHub
more at http://www.zer0mem.sk/?p=271
☆12Jun 11, 2013Updated 12 years ago
pitercantropo / dd
View on GitHub
☆15Dec 26, 2017Updated 8 years ago
Proton VPN Special Offer - Get 70% off • Ad
Special partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
SLAUC91 / DLLFinder
View on GitHub
Enumerate the DLLs/Modules using NtQueryVirtualMemory
☆32Jun 11, 2015Updated 10 years ago
johnsonjason / Remote-Thread-Executor
View on GitHub
Code injection by hijacking threads in Windows 32-bit applications
☆44Oct 3, 2018Updated 7 years ago
C485 / ReturnAddressHider
View on GitHub
Simple header only library to change return address on current stack frame.
☆22Sep 4, 2016Updated 9 years ago
arcpop / Observer
View on GitHub
☆17Oct 24, 2016Updated 9 years ago
KelvinMsft / SyncJobs_MPSystem
View on GitHub
☆14Aug 15, 2018Updated 7 years ago
SamLarenN / MIR-Engine
View on GitHub
MIR-Engine
☆24Jul 6, 2017Updated 8 years ago
tinysec / iathook
View on GitHub
windows kernelmode and usermode IAT hook
☆149Mar 9, 2021Updated 5 years ago
papadp / shd
View on GitHub
Ssdt Hook Detection tool
☆13Nov 11, 2016Updated 9 years ago
AzureGreen / WinNT-Learning
View on GitHub
Notes my learning steps about Windows-NT
☆23May 18, 2017Updated 8 years ago
Wordpress hosting with auto-scaling on Cloudways • Ad
Fully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
wekillpeople / bypassav-dynimp
View on GitHub
Bypass antivirus with dynamic import. Hide the api(s) used.
☆28Apr 2, 2016Updated 10 years ago
matteomattia / moo_rootkit
View on GitHub
it's a simple LKM rootkit.
☆12Aug 2, 2016Updated 9 years ago
fantasyboy / steamlogin
View on GitHub
☆11Sep 28, 2017Updated 8 years ago
nargnos / WindowsUtil
View on GitHub
Windows工具类
☆28Apr 23, 2017Updated 8 years ago
aaaddress1 / APCInjector-BYPASS-AV
View on GitHub
☆19Jul 20, 2015Updated 10 years ago
wyrover / win-sys
View on GitHub
☆41Jun 1, 2016Updated 9 years ago
wolk-1024 / WoW64Utils
View on GitHub
WoW64 -> x64
☆18Oct 1, 2016Updated 9 years ago
dotfornet / WindowsUtil
View on GitHub
☆14Jan 10, 2017Updated 9 years ago
vmcall / token_manipulation
View on GitHub
Bypass User Account Control by manipulating tokens
☆35Nov 3, 2017Updated 8 years ago
Bare Metal GPUs on DigitalOcean Gradient AI • Ad
Purpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
changeofpace / Remote-Process-Cookie-for-Windows-7
View on GitHub
Obtain remote process cookies by performing a brute-force attack on ntdll.RtlDecodePointer using known pointer encodings.
☆23May 31, 2017Updated 8 years ago
WithSecureLabs / doublepulsar-usermode-injector
View on GitHub
A utility to use the usermode shellcode from the DOUBLEPULSAR payload to reflectively load an arbitrary DLL into another process, for use…
☆123Jun 27, 2017Updated 8 years ago
dongchao-1 / ProcProtect
View on GitHub
进程保护
☆17Mar 31, 2013Updated 13 years ago
NtRaiseHardError / MIST
View on GitHub
Minimal Intervention and Software Transformation - PoC Packer designed for AV detection bypass
☆18Nov 4, 2017Updated 8 years ago
zodiacon / ObjectBrowser
View on GitHub
An alternative tool to Sysinternals WinObj tool (nicer icons!)
☆35Aug 31, 2018Updated 7 years ago
stormshield / Beholder-Win32
View on GitHub
A sample on how to inject a DLL from a kernel driver
☆61Sep 13, 2016Updated 9 years ago
binbibi / CallbackEx
View on GitHub
Demo List cm/ps/ob/minifilter callback And Patch/Bypass it
☆29Dec 5, 2017Updated 8 years ago
AndrewGaspar / km-stl
View on GitHub
A drop-in replacement for the C++ STL for kernel mode Windows drivers. The goal is to have implementations for things like the standard a…
☆33Jul 12, 2016Updated 9 years ago
0xbadc0de1 / VMP_Tools
View on GitHub
An aggregate of tools used in the core of vmp_dbg plus other parsing utils to parse vmp bc.
☆16Oct 18, 2016Updated 9 years ago
NordVPN Threat Protection Pro™ • Ad
Take your cybersecurity to the next level. Block phishing, malware, trackers, and ads. Lightweight app that works with all browsers.
pcguru34 / windbgshark
View on GitHub
Automatically exported from code.google.com/p/windbgshark
☆12Nov 3, 2015Updated 10 years ago
osiris123 / CDriver_Loader
View on GitHub
Kernel mode driver loader, injecting into the windows kernel, Rootkit. Driver injections.
☆47Nov 9, 2014Updated 11 years ago
Cn33liz / HSEVD-ArbitraryOverwriteLowIL
View on GitHub
HackSys Extreme Vulnerable Driver - ArbitraryOverwrite Exploit using GDI -> Low Integrity to System
☆15Mar 30, 2017Updated 9 years ago
NtRaiseHardError / LeakMyAV
View on GitHub
Program to leak anti-virus behaviour and such
☆14Apr 18, 2019Updated 6 years ago
KelvinMsft / ScreenCapAttack
View on GitHub
☆36Oct 29, 2020Updated 5 years ago
DeDf / HyperVisor
View on GitHub
☆16Jan 14, 2016Updated 10 years ago
swwwolf / cbtest
View on GitHub
Windows kernel-mode callbacks tutorial driver
☆48Aug 8, 2016Updated 9 years ago