ufrisk / shellcode64Links
A minimal tool to extract shellcode from 64-bit PE binaries.
☆50Updated 3 years ago
Alternatives and similar repositories for shellcode64
Users that are interested in shellcode64 are comparing it to the libraries listed below
Sorting:
- Decrement Windows Kernel for fun and profit☆38Updated 7 years ago
- A demo implementation of a well-known technique used by some malware to evade userland hooking, using my library: libpeconv.☆19Updated 7 years ago
- Hidden kernel mode code execution for bypassing modern anti-rootkits.☆83Updated 14 years ago
- DLL Injection Library & Tools☆72Updated 8 years ago
- exploit termdd.sys(support kb4499175)☆59Updated 5 years ago
- PoC designed to evade userland-hooking anti-virus.☆88Updated 6 years ago
- A simple rootkit to hide a process☆46Updated 11 years ago
- Bypass for the hardening against usage of tagWnd as a kernel read/write primitive☆29Updated 8 years ago
- Analyze and attack windows applications using dll hijacking vulnerabilities☆57Updated 5 years ago
- Parser for a custom executable format from Hidden Bee malware (first stage)☆43Updated 9 months ago
- ☆34Updated 7 years ago
- Gozi-MBR-rootkit Bootkit Modified☆70Updated 8 years ago
- Protects deletion of files with a specified extension using a kernel-mode driver.☆75Updated 6 years ago
- Sysmon shenanigans☆65Updated 4 years ago
- Bypass antivirus with dynamic import. Hide the api(s) used.☆26Updated 9 years ago
- ☆45Updated 7 years ago
- A process overwriting its own PEB to make an illusion that it has been loaded from a different path.☆96Updated 4 years ago
- An example of how x64 kernel shellcode can dynamically find and use APIs☆106Updated 5 years ago
- Simple proof of concept code for injecting libraries on 64bit processes from a 32bit process☆96Updated 6 years ago
- A ready-made template for a project based on libpeconv.☆48Updated 4 months ago
- PoC for Bypassing UM Hooks By Bruteforcing Intel Syscalls☆38Updated 9 years ago
- A small library helping to parse commandline parameters (for C/C++)☆57Updated last month
- Code Injector Using Code Caves☆14Updated 9 years ago
- Dumps information about all the callback objects found in a dump file and the functions registered for them☆36Updated 4 years ago
- Helper utility for debugging windows PE/PE+ loader.☆52Updated 10 years ago
- Windows GPU rootkit PoC by Team Jellyfish☆35Updated 10 years ago
- DirectNtApi - simple method to make ntapi function call without importing or walking export table. Work under Windows 7, 8 and 10☆53Updated last year
- Extremely simple but inefficient x86-64 assembly obfuscation.☆36Updated 9 years ago
- Load a Windows Kernel Driver☆92Updated 8 years ago
- A simple tool to view important DLL Characteristics and change DEP and ASLR☆44Updated 6 years ago