w1u0u1 / kinjectView external linksLinks
Kernel shellcode injector
☆148Mar 23, 2021Updated 4 years ago
Alternatives and similar repositories for kinject
Users that are interested in kinject are comparing it to the libraries listed below
Sorting:
- Kernel DLL Injector using NX Bit Swapping and VAD hide for hiding injected DLL☆220Nov 12, 2020Updated 5 years ago
- Custom implementation of DbgHelp's MiniDumpWriteDump function. Uses static syscalls to replace low-level functions like NtReadVirtualMemo…☆128Jan 18, 2022Updated 4 years ago
- Windows Kernel Driver dlls injector using APC☆64Aug 11, 2018Updated 7 years ago
- Code Injection, Inject malicious payload via pagetables pml4.☆242Jul 7, 2021Updated 4 years ago
- 从MmPfnData中枚举进程和页目录基址☆206Aug 18, 2023Updated 2 years ago
- The Kernel-Mode Winsock library, supporting TCP, UDP and Unix sockets (DGRAM and STREAM).☆275Jan 27, 2025Updated last year
- Call NtCreateUserProcess directly as normal.☆76May 17, 2022Updated 3 years ago
- Encrypted PE Loader Generator☆545Aug 13, 2021Updated 4 years ago
- Walks the Process' VAD list to grab the PTE's corresponding to a usermode virtual address, all to get the physical address☆23Nov 22, 2021Updated 4 years ago
- A PoC designed to bypass all usermode hooks in a WoW64 environment.☆150Sep 16, 2020Updated 5 years ago
- Run Processes as PPL with ELAM☆175Mar 17, 2022Updated 3 years ago
- x64 free protect Features 1.process/thread handle protect 2.anti taskmgr.exe 3.hide process 4.anti-debugger(user/kernel debugger)☆87Apr 3, 2019Updated 6 years ago
- 滥用cow机制进行全局注入☆99Jan 1, 2021Updated 5 years ago
- ☆153Jul 31, 2022Updated 3 years ago
- Load your driver like win32k.sys☆258Aug 20, 2022Updated 3 years ago
- Transacted Hollowing - a PE injection technique, hybrid between ProcessHollowing and ProcessDoppelgänging☆581Mar 8, 2024Updated last year
- Windows Kernel inject (no module no thread)☆282Nov 11, 2022Updated 3 years ago
- Kernel LdrLoadDll injector☆264Oct 6, 2018Updated 7 years ago
- base for testing☆186Sep 28, 2024Updated last year
- Reverse engineered source code of the autochk rootkit☆208Nov 1, 2019Updated 6 years ago
- by others☆40Jan 28, 2018Updated 8 years ago
- c++ implementation of windows heavens gate☆70Feb 12, 2021Updated 5 years ago
- OffensivePH - use old Process Hacker driver to bypass several user-mode access controls☆334Oct 9, 2021Updated 4 years ago
- Some source code to demonstrate avoiding certain direct syscall detections by locating and JMPing to a legitimate syscall instruction wit…☆218Feb 20, 2023Updated 2 years ago
- Hijack NotifyRoutine for a kernelmode thread☆41Jun 4, 2022Updated 3 years ago
- Hide codes/data in the kernel address space.☆188May 8, 2021Updated 4 years ago
- Kernel mode to user mode injector☆11Mar 31, 2020Updated 5 years ago
- PoC MSVC COFF Object file loader/injector.☆186Mar 19, 2021Updated 4 years ago
- PoC: Exploit 32-bit Thread Snapshot of WOW64 to Take Over $RIP & Inject & Bypass Antivirus HIPS (HITB 2021)☆167May 27, 2021Updated 4 years ago
- the basic version of the ring0 physical memory read/write tool☆92Aug 18, 2019Updated 6 years ago
- PoC memory injection detection agent based on ETW, for offensive and defensive research purposes☆298Apr 10, 2021Updated 4 years ago
- FLARE Kernel Shellcode Loader☆179May 3, 2019Updated 6 years ago
- 不使用3环挂钩进行DWM桌面绘制☆82Dec 9, 2021Updated 4 years ago
- Detect removed thread from PspCidTable.☆75Mar 18, 2022Updated 3 years ago
- x64 Windows kernel driver mapper, inject unsigned driver using anycall☆199Feb 14, 2024Updated last year
- Enumerating and removing kernel callbacks using signed vulnerable drivers☆587Jan 24, 2023Updated 3 years ago
- InfinityHookPro Win7 -> Win11 latest☆551Feb 7, 2023Updated 3 years ago
- Kernel-based memory hacking framework communicating with a kernel driver via sockets.☆96May 25, 2021Updated 4 years ago
- Loads a signed kernel driver which allows you to map any driver to kernel mode without any traces of the signed / mapped driver.☆377Aug 8, 2021Updated 4 years ago