windows create process with a dll load first time via LdrHook
☆31Oct 21, 2016Updated 9 years ago
Alternatives and similar repositories for runwithdll
Users that are interested in runwithdll are comparing it to the libraries listed below
Sorting:
- Automatically exported from code.google.com/p/guardlite☆11Jul 2, 2015Updated 10 years ago
- Trying for all arch detour stuff now☆11Feb 10, 2017Updated 9 years ago
- Minifilter Driver☆15Feb 10, 2017Updated 9 years ago
- more at http://www.zer0mem.sk/?p=271☆12Jun 11, 2013Updated 12 years ago
- ☆15Dec 26, 2017Updated 8 years ago
- Enumerate the DLLs/Modules using NtQueryVirtualMemory☆32Jun 11, 2015Updated 10 years ago
- Code injection by hijacking threads in Windows 32-bit applications☆44Oct 3, 2018Updated 7 years ago
- Simple header only library to change return address on current stack frame.☆22Sep 4, 2016Updated 9 years ago
- ☆17Oct 24, 2016Updated 9 years ago
- ☆14Aug 15, 2018Updated 7 years ago
- MIR-Engine☆23Jul 6, 2017Updated 8 years ago
- windows kernelmode and usermode IAT hook☆149Mar 9, 2021Updated 5 years ago
- Ssdt Hook Detection tool☆13Nov 11, 2016Updated 9 years ago
- Notes my learning steps about Windows-NT☆23May 18, 2017Updated 8 years ago
- Bypass antivirus with dynamic import. Hide the api(s) used.☆28Apr 2, 2016Updated 9 years ago
- it's a simple LKM rootkit.☆12Aug 2, 2016Updated 9 years ago
- ☆11Sep 28, 2017Updated 8 years ago
- Windows工具类☆28Apr 23, 2017Updated 8 years ago
- ☆19Jul 20, 2015Updated 10 years ago
- ☆41Jun 1, 2016Updated 9 years ago
- WoW64 -> x64☆18Oct 1, 2016Updated 9 years ago
- ☆14Jan 10, 2017Updated 9 years ago
- Bypass User Account Control by manipulating tokens☆35Nov 3, 2017Updated 8 years ago
- Obtain remote process cookies by performing a brute-force attack on ntdll.RtlDecodePointer using known pointer encodings.☆23May 31, 2017Updated 8 years ago
- A utility to use the usermode shellcode from the DOUBLEPULSAR payload to reflectively load an arbitrary DLL into another process, for use…☆123Jun 27, 2017Updated 8 years ago
- 进程保护☆17Mar 31, 2013Updated 12 years ago
- Minimal Intervention and Software Transformation - PoC Packer designed for AV detection bypass☆18Nov 4, 2017Updated 8 years ago
- An alternative tool to Sysinternals WinObj tool (nicer icons!)☆35Aug 31, 2018Updated 7 years ago
- A sample on how to inject a DLL from a kernel driver☆61Sep 13, 2016Updated 9 years ago
- Demo List cm/ps/ob/minifilter callback And Patch/Bypass it☆29Dec 5, 2017Updated 8 years ago
- A drop-in replacement for the C++ STL for kernel mode Windows drivers. The goal is to have implementations for things like the standard a…☆33Jul 12, 2016Updated 9 years ago
- An aggregate of tools used in the core of vmp_dbg plus other parsing utils to parse vmp bc.☆16Oct 18, 2016Updated 9 years ago
- Automatically exported from code.google.com/p/windbgshark☆12Nov 3, 2015Updated 10 years ago
- Kernel mode driver loader, injecting into the windows kernel, Rootkit. Driver injections.☆47Nov 9, 2014Updated 11 years ago
- HackSys Extreme Vulnerable Driver - ArbitraryOverwrite Exploit using GDI -> Low Integrity to System☆15Mar 30, 2017Updated 8 years ago
- Program to leak anti-virus behaviour and such☆14Apr 18, 2019Updated 6 years ago
- ☆36Oct 29, 2020Updated 5 years ago
- ☆16Jan 14, 2016Updated 10 years ago
- Windows kernel-mode callbacks tutorial driver☆48Aug 8, 2016Updated 9 years ago