waleedassar / ALPC_CLIENT_SERVERView external linksLinks
Demo to show how write ALPC Client & Server using native Ntdll.dll syscalls.
☆21Jan 25, 2022Updated 4 years ago
Alternatives and similar repositories for ALPC_CLIENT_SERVER
Users that are interested in ALPC_CLIENT_SERVER are comparing it to the libraries listed below
Sorting:
- ☆33Dec 22, 2020Updated 5 years ago
- Demonstrate calling a kernel function and handle process creation callback against HVCI☆79Dec 21, 2022Updated 3 years ago
- Code Integrity Violation Spotter☆17Jun 11, 2024Updated last year
- ☆16Oct 31, 2022Updated 3 years ago
- Interprocess communication library, providing the ability to call functions from each other☆20Oct 3, 2019Updated 6 years ago
- PsSetCreateProcessNotifyRoutine/Ex/Ex2 hook☆12May 30, 2024Updated last year
- Dump PDB Symbols including support for Bochs Debugging Format (with wine support)☆14Aug 11, 2023Updated 2 years ago
- Static Library For Windows Drivers☆41Dec 13, 2025Updated 2 months ago
- 扫描以及恢复 r3hook 类☆10Aug 29, 2021Updated 4 years ago
- Reversed WintaPix Malware Source code | That targets countries in the Middle East and abuse KeServiceDescriptorTable(SSDT), persistence a…☆22Jul 6, 2024Updated last year
- A collection of cpuid instruction implementations for anti-vm purposes.☆10Oct 5, 2023Updated 2 years ago
- R3劫持所有异常☆15Jan 4, 2021Updated 5 years ago
- Ready-to-use headers for Windows Kernel SSDT indices☆11Apr 12, 2020Updated 5 years ago
- Call NtCreateUserProcess directly as normal.☆76May 17, 2022Updated 3 years ago
- Bypassing kernel patch protection runtime☆21Feb 19, 2023Updated 2 years ago
- Hijack NotifyRoutine for a kernelmode thread☆41Jun 4, 2022Updated 3 years ago
- ☆12Aug 31, 2022Updated 3 years ago
- ☆12Jun 30, 2019Updated 6 years ago
- Enumerate various traits from Windows processes as an aid to threat hunting☆202Jan 13, 2022Updated 4 years ago
- Walks the Process' VAD list to grab the PTE's corresponding to a usermode virtual address, all to get the physical address☆23Nov 22, 2021Updated 4 years ago
- ☆20Mar 15, 2023Updated 2 years ago
- Basic utilities for executing, reading and writing 64-bit data in a 32-bit WoW64 process☆19Jul 8, 2022Updated 3 years ago
- Basic experimentation with Windows drivers.☆17Mar 3, 2023Updated 2 years ago
- Libraries written in inline assembly☆19Aug 7, 2023Updated 2 years ago
- Hooking Heavens Gate in a weekend☆13Jan 1, 2022Updated 4 years ago
- Rookit and anti rookit on Windows platform☆14Apr 30, 2024Updated last year
- Reports and POCs for CVE 2024-43570 and CVE-2024-43535☆29Jun 7, 2025Updated 8 months ago
- ☆18Mar 28, 2023Updated 2 years ago
- ☆17Apr 18, 2023Updated 2 years ago
- DTrace for Windows in userspace; Frontend to ETW☆27Oct 4, 2022Updated 3 years ago
- first commit☆64Oct 29, 2020Updated 5 years ago
- Monitor ETW events for Windows process mitigation policies, with stack traces☆31Oct 7, 2022Updated 3 years ago
- A kernel mode Windows rootkit in development.☆49Dec 31, 2021Updated 4 years ago
- 参考taviso的代码逆向一下mpengine.dll☆20Jun 30, 2022Updated 3 years ago
- 自己实现LoadLirbrary,GetProcAdd,FreeLirbrary等函数的功能,比特币病毒wcry就是用了这一功能☆18May 21, 2017Updated 8 years ago
- Open-source EDR kernel-component for system monitoring and DLL injection☆33Nov 14, 2020Updated 5 years ago
- A Privacy-Conscious, DNS-over-HTTP-Enabled, Blacklist-Incorporating SOCKS5 Proxy☆30Feb 28, 2019Updated 6 years ago
- Implementation of an export address table protection mitigation, like Export Address Filtering (EAF)☆115May 21, 2023Updated 2 years ago
- File system minifilter driver for Windows to block symbolic link attacks.☆52Dec 16, 2020Updated 5 years ago