tomiesghost / UltraEnvy
Debug-assisted Argument Spoofing
☆14Updated 4 months ago
Alternatives and similar repositories for UltraEnvy:
Users that are interested in UltraEnvy are comparing it to the libraries listed below
- Mentally ill EtwTi parser☆32Updated 2 weeks ago
- A collection of position independent coding resources☆66Updated 2 weeks ago
- shell code example☆31Updated last week
- Adaptive DLL hijacking / dynamic export forwarding - EAT preserve☆76Updated 6 months ago
- ☆85Updated 6 months ago
- ☆29Updated 2 months ago
- Windows AppLocker Driver (appid.sys) LPE☆50Updated 7 months ago
- Section-based payload obfuscation technique for x64☆59Updated 6 months ago
- A more reliable way of resolving syscall numbers in Windows☆48Updated last year
- Slides for COM Hijacking AV/EDR Talk on 38c3☆71Updated 2 months ago
- Reimplementation of the KExecDD DSE bypass technique.☆46Updated 5 months ago
- "Service-less" driver loading☆148Updated 3 months ago
- BOF for C2 framework☆39Updated 3 months ago
- Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.☆14Updated last year
- A class to emulate the behavior of NtQuerySystemInformation when passed the SystemHypervisorDetailInformation information class☆26Updated last year
- A process injection technique using only thread context manipulation☆26Updated last year
- RunPE adapted for x64 and written in C, does not use RWX☆24Updated 9 months ago
- a demo module for the kaine agent to execute and inject assembly modules☆36Updated 6 months ago
- CVE-2024-40431+CVE-2022-25479 chain for EOP(DATA ONLY ATTACK)☆44Updated 4 months ago
- A C++ PoC implementation for enumerating Windows Fibers directly from memory☆17Updated 9 months ago
- ☆28Updated last year
- A firebeam plugin that exploits the CVE-2024-26229 vulnerability to perform elevation of privilege from a unprivileged user☆37Updated 6 months ago