wes4m / unHooker
Kernel (Ring0) - SSDT unhook driver
☆14Updated 7 years ago
Alternatives and similar repositories for unHooker:
Users that are interested in unHooker are comparing it to the libraries listed below
- PE Infector/Cryptor source code☆15Updated 7 years ago
- ☆20Updated 7 years ago
- User-mode process cross-checking utility intended to detect naive malware hiding itself by hooking IAT/EAT.☆19Updated 9 years ago
- Enumerate the DLLs/Modules using NtQueryVirtualMemory☆32Updated 9 years ago
- Ssdt Hook Detection tool☆13Updated 8 years ago
- A Proof-of-Concept win32 DLL that makes use of netbios session token replay to propagate through a Windows Domain☆25Updated 6 years ago
- ☆18Updated 5 years ago
- The project was upgraded from https://coder.pub/ and supported VS2017. The original author wrote the detailed design ideas documentation…☆19Updated 7 years ago
- A MITM proxy server for reflective DLL injection through WinINet☆15Updated 6 years ago
- Kernel-Mode rootkit that connects to a remote server to send & recv commands☆31Updated 6 years ago
- HTTP/HTTPS/DNS inspector (windows driver)☆26Updated 6 years ago
- An aggregate of tools used in the core of vmp_dbg plus other parsing utils to parse vmp bc.☆15Updated 8 years ago
- 驱动层拦截web访问源码☆29Updated 6 years ago
- reversed emet tool☆24Updated 12 years ago
- A working version of this tutorial: https://docs.microsoft.com/en-us/windows/desktop/rpc/tutorial☆16Updated 5 years ago
- hooking KiUserApcDispatcher☆24Updated 7 years ago
- opensc RAT from http://hi.baidu.com/yycblog/item/b8f0cdf9c1f945c10cd1c8da☆12Updated 10 years ago
- Legal access: The driver and console app to demonstrate the basic memory access in kernel mode☆9Updated 7 years ago
- An example of PE hollowing injection technique☆23Updated 5 years ago
- A demo implementation of a well-known technique used by some malware to evade userland hooking, using my library: libpeconv.☆19Updated 6 years ago
- Helper utility for debugging windows PE/PE+ loader.☆51Updated 9 years ago
- Simple remote administration tool. Written in c++ and MASM.☆18Updated 6 years ago
- Execute an arbitrary command within the context of another process☆20Updated 5 years ago
- A POC for Windows Extension Host hooking☆22Updated 5 years ago
- x86/x64 dll injector☆30Updated 2 years ago
- metasploit loader with antivirus bypass module☆17Updated 8 years ago
- Code injection via delay load libraries☆34Updated 7 years ago
- Windows 10 UAC bypass PoC using LaunchInfSection☆34Updated 6 years ago
- Windows Application Loader Running *.Exe files in Memory against Scrylla☆21Updated 5 years ago
- Obtain remote process cookies by performing a brute-force attack on ntdll.RtlDecodePointer using known pointer encodings.☆22Updated 7 years ago