x64 usermode rootkit
☆211Apr 11, 2018Updated 7 years ago
Alternatives and similar repositories for latebros
Users that are interested in latebros are comparing it to the libraries listed below
Sorting:
- C++17 PE manualmapper☆436Oct 2, 2021Updated 4 years ago
- x64 manualmapper with kernel elevation and thread hijacking capabilities☆418Jan 3, 2020Updated 6 years ago
- BattlEye x64 usermode injector☆66Mar 20, 2019Updated 6 years ago
- Undocumented way of fetching list of processes by bruteforcing NtQuerySystemInformation☆16Nov 20, 2017Updated 8 years ago
- HAXM hypervisor client☆18Nov 30, 2018Updated 7 years ago
- NT reversal☆25Jul 12, 2018Updated 7 years ago
- x86-64 virtual machine and disassembler☆147Nov 23, 2019Updated 6 years ago
- 常用代码类☆13May 31, 2014Updated 11 years ago
- Defeating Patchguard universally for Windows 8, Windows 8.1 and all versions of Windows 10 regardless of HVCI.☆902Nov 21, 2019Updated 6 years ago
- Hide codes/data in the kernel address space.☆188May 8, 2021Updated 4 years ago
- ☆17Mar 3, 2016Updated 10 years ago
- Currently supports injecting signed/unsigned DLLs in 64-bit processes☆60Sep 14, 2020Updated 5 years ago
- a more stable & secure read/write virtual memory for kernel mode drivers☆161Mar 8, 2020Updated 5 years ago
- C++ graphics kernel subsystem hook☆561Jan 11, 2021Updated 5 years ago
- Шаблон полнофункционального драйвера и обёртки над ядерным API☆114Aug 28, 2016Updated 9 years ago
- A Windows game hacking framework☆42Sep 7, 2016Updated 9 years ago
- codes for my blog post: https://secrary.com/Random/InstrumentationCallback/☆183Nov 30, 2017Updated 8 years ago
- PoC of BOOST-ed _EPROCESS.VadRoot iterating☆27May 21, 2014Updated 11 years ago
- PEBFake(修改PEB 伪装当前进程路径、参数等)☆54Jan 19, 2021Updated 5 years ago
- Hide Driver By MiProcessLoaderEntry☆294May 17, 2019Updated 6 years ago
- RVDbg is a debugger/exception handler for Windows processes and has the capability to circumvent anti-debugging techniques. (Cleaner, doc…☆72Sep 5, 2020Updated 5 years ago
- This is a collection of interesting codes about Windows Process creation.☆237Jan 12, 2024Updated 2 years ago
- An usermode BE Rootkit Bypass☆240May 1, 2019Updated 6 years ago
- A hypervisor hiding user-mode memory using EPT☆107Jan 28, 2018Updated 8 years ago
- A modern c++ implementation of windows heavens gate☆245Sep 19, 2020Updated 5 years ago
- Windows Manipulation Library (x64, User/Kernelmode)☆77Oct 4, 2018Updated 7 years ago
- Detect manualmapped images remotely, without hassle☆152Nov 3, 2017Updated 8 years ago
- Handle access elevation via direct kernel object manipulation☆118Jan 26, 2018Updated 8 years ago
- Modify process handle permissions☆61Nov 30, 2016Updated 9 years ago
- windows LPC library☆43Jun 7, 2013Updated 12 years ago
- CallMon is an experimental system call monitoring tool that works on Windows 10 versions 2004+ using PsAltSystemCallHandlers☆145Sep 5, 2020Updated 5 years ago
- NoBastian - Universal Ring3 IPC based BattlEye/EAC/FaceIt/ESEA/MRAC bypass☆147Jun 17, 2018Updated 7 years ago
- Manual PE image mapper☆66Aug 29, 2013Updated 12 years ago
- Crash Windows 10 up to RS2 from an unprivileged process☆42Dec 10, 2017Updated 8 years ago
- just an lite AntiRootkit for interesting☆24Dec 9, 2015Updated 10 years ago
- ☆14Apr 7, 2018Updated 7 years ago
- ☆185May 5, 2019Updated 6 years ago
- UEFI bootkit for driver manual mapping☆586Jan 1, 2024Updated 2 years ago
- Detecting execution of kernel memory where is not backed by any image file☆261Jul 11, 2018Updated 7 years ago