trickster0/CReadMemory external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

trickster0/CReadMemory

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/trickster0/CReadMemory)

Close

trickster0 / CReadMemoryView on GitHubMore

• External links
• Readme badge

Read Memory without ReadProcessMemory for Current Process

☆92Feb 13, 2022Updated 4 years ago

Alternatives and similar repositories for CReadMemory

Users that are interested in CReadMemory are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• Allevon412 / PPL_Sandboxer

  View on GitHub
  ☆82Feb 12, 2022Updated 4 years ago
• paranoidninja / DotNetTracer

  View on GitHub
  C code to enable ETW tracing for Dotnet Assemblies
  ☆32Aug 12, 2022Updated 3 years ago
• TomOS3 / UserModeUnhooking

  View on GitHub
  This project is created for research into antivirus evasion by unhooking.
  ☆18Sep 2, 2021Updated 4 years ago
• boom-cr3 / NotifyRoutineHijackThread

  View on GitHub
  Hijack NotifyRoutine for a kernelmode thread
  ☆41Jun 4, 2022Updated 3 years ago
• trickster0 / LdrLoadDll-Unhooking

  View on GitHub
  LdrLoadDll Unhooking
  ☆134Jan 16, 2022Updated 4 years ago
• DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• knightswd / ProcessGhosting

  View on GitHub
  ☆74Jul 23, 2021Updated 4 years ago
• Henkru / cs-token-vault

  View on GitHub
  In-memory token vault BOF for Cobalt Strike
  ☆149Aug 18, 2022Updated 3 years ago
• MahmoudZohdy / APICallProxy

  View on GitHub
  Windows API Call Obfuscation
  ☆113Dec 9, 2022Updated 3 years ago
• jsacco / PPL_Bypass

  View on GitHub
  ☆12Apr 7, 2022Updated 4 years ago
• Mav3rick33 / ZenLdr

  View on GitHub
  Basic implementation of Cobalt Strikes - User Defined Reflective Loader feature
  ☆101Feb 28, 2023Updated 3 years ago
• GetRektBoy724 / SharpLoadLibrary

  View on GitHub
  An attempt to make a LoadLibrary designed for offensive operations, in C# obviously.
  ☆55Mar 3, 2022Updated 4 years ago
• Wra7h / ARCInject

  View on GitHub
  Overwrite a process's recovery callback and execute with WER
  ☆101Apr 17, 2022Updated 3 years ago
• paranoidninja / Process-Instrumentation-Syscall-Hook

  View on GitHub
  A simple program to hook the current process to identify the manual syscall executions on windows
  ☆267Nov 18, 2022Updated 3 years ago
• GetRektBoy724 / NiceTryDLL

  View on GitHub
  Nice try reading NTDLL from disk, nerd.
  ☆19Apr 18, 2022Updated 3 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
• alfarom256 / StinkyLoader

  View on GitHub
  It stinks
  ☆103Apr 22, 2022Updated 3 years ago
• xpn / ObjectOverloadingPOC

  View on GitHub
  ☆60Feb 10, 2022Updated 4 years ago
• Haunted-Banshee / ErebusGate

  View on GitHub
  ErebusGate for Nim Bypass AV/EDR
  ☆160Nov 7, 2022Updated 3 years ago
• plackyhacker / SandboxDefender

  View on GitHub
  C# code to Sandbox Defender (and most probably other AV/EDRs).
  ☆167Apr 22, 2022Updated 3 years ago
• NUL0x4C / KnownDllUnhook

  View on GitHub
  Replace the .txt section of the current loaded modules from \KnownDlls\
  ☆304Sep 28, 2022Updated 3 years ago
• mdsecactivebreach / com_inject

  View on GitHub
  ☆209Apr 5, 2022Updated 4 years ago
• w1u0u1 / minidump

  View on GitHub
  Custom implementation of DbgHelp's MiniDumpWriteDump function. Uses static syscalls to replace low-level functions like NtReadVirtualMemo…
  ☆127Jan 18, 2022Updated 4 years ago
• Kara-4search / HellgateLoader_CSharp

  View on GitHub
  Load shellcode via HELLGATE, Rewrite hellgate with .net framework for learning purpose.
  ☆18Jan 21, 2022Updated 4 years ago
• plackyhacker / Peruns-Fart

  View on GitHub
  Perun's Fart (Slavic God's Luck). Another method for unhooking AV and EDR, this is my C# version.
  ☆117Dec 26, 2021Updated 4 years ago
• Open source password manager - Proton Pass • Ad
  Securely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
• skelsec / aardwolfgui

  View on GitHub
  Asynchronous RDP/VNC client for Python (GUI)
  ☆79Jan 1, 2025Updated last year
• D4stiny / ForkPlayground

  View on GitHub
  An implementation and proof-of-concept of Process Forking.
  ☆229Nov 29, 2021Updated 4 years ago
• rad9800 / VehApiResolve

  View on GitHub
  ☆119Aug 7, 2022Updated 3 years ago
• ch4ncellor / Inline-PatchFinder

  View on GitHub
  comparing data of module exports from disk and memory, then caching any differences.
  ☆26Dec 11, 2021Updated 4 years ago
• Octoberfest7 / BeatRev

  View on GitHub
  POC for frustrating/defeating Malware Analysts
  ☆156Jun 12, 2022Updated 3 years ago
• hlldz / RefleXXion

  View on GitHub
  RefleXXion is a utility designed to aid in bypassing user-mode hooks utilised by AV/EPP/EDR etc. In order to bypass the user-mode hooks, …
  ☆500Jan 25, 2022Updated 4 years ago
• HadarShahar / process-hiders

  View on GitHub
  Hides processes from the windows task manager using IAT hooking.
  ☆22Mar 30, 2021Updated 5 years ago
• wafinfo / SyscallLoader

  View on GitHub
  SyscallLoader
  ☆11Sep 13, 2021Updated 4 years ago
• gabriellandau / ShadowStackWalk

  View on GitHub
  Finding Truth in the Shadows
  ☆126Jan 26, 2023Updated 3 years ago
• DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• lem0nSec / CreateRemoteThreadPlus

  View on GitHub
  CreateRemoteThreadPlus: how to pass multiple parameters to the remote thread function without shellcode.
  ☆138Jul 10, 2025Updated 8 months ago
• thefLink / DeepSleep

  View on GitHub
  A variant of Gargoyle for x64 to hide memory artifacts using ROP only and PIC
  ☆378May 24, 2022Updated 3 years ago
• netero1010 / RDPHijack-BOF

  View on GitHub
  Cobalt Strike Beacon Object File (BOF) that uses WinStationConnect API to perform local/remote RDP session hijacking.
  ☆314Jul 8, 2022Updated 3 years ago
• WithSecureLabs / CallStackSpoofer

  View on GitHub
  A PoC implementation for spoofing arbitrary call stacks when making sys calls (e.g. grabbing a handle via NtOpenProcess)
  ☆563Apr 8, 2025Updated last year
• PorLaCola25 / PPID-Spoofing

  View on GitHub
  POC of PPID spoofing using NtCreateUserProcess with syscalls to create a suspended process and performing process injection by overwritti…
  ☆42Sep 23, 2021Updated 4 years ago
• rbmm / LdrpKernel32DllName

  View on GitHub
  ☆90Jun 2, 2024Updated last year
• EspressoCake / Self_Deletion_BOF

  View on GitHub
  BOF implementation of the research by @jonasLyk and the drafted PoC from @LloydLabs
  ☆186Oct 3, 2021Updated 4 years ago