wes4m / unHookerLinks
Kernel (Ring0) - SSDT unhook driver
☆14Updated 7 years ago
Alternatives and similar repositories for unHooker
Users that are interested in unHooker are comparing it to the libraries listed below
Sorting:
- ☆20Updated 7 years ago
- Ssdt Hook Detection tool☆13Updated 8 years ago
- PE Infector/Cryptor source code☆15Updated 8 years ago
- HTTP/HTTPS/DNS inspector (windows driver)☆26Updated 6 years ago
- Enumerate the DLLs/Modules using NtQueryVirtualMemory☆32Updated 9 years ago
- 驱动层拦截web访问源码☆29Updated 7 years ago
- Legal access: The driver and console app to demonstrate the basic memory access in kernel mode☆9Updated 7 years ago
- User-mode process cross-checking utility intended to detect naive malware hiding itself by hooking IAT/EAT.☆19Updated 9 years ago
- ☆19Updated 9 years ago
- reversed emet tool☆24Updated 12 years ago
- The project was upgraded from https://coder.pub/ and supported VS2017. The original author wrote the detailed design ideas documentation…☆19Updated 7 years ago
- Code injection via delay load libraries☆35Updated 7 years ago
- A MITM proxy server for reflective DLL injection through WinINet☆15Updated 7 years ago
- x86/x64 dll injector☆30Updated 3 years ago
- opensc RAT from http://hi.baidu.com/yycblog/item/b8f0cdf9c1f945c10cd1c8da☆12Updated 11 years ago
- Kernel-mode file scanner☆18Updated 6 years ago
- KernelBugTest☆15Updated 7 years ago
- Windows Application Loader Running *.Exe files in Memory against Scrylla☆21Updated 5 years ago
- The project is a demo solution for one of the anti-rootkit techniques aimed on overcoming splicers☆34Updated 8 years ago
- Helper utility for debugging windows PE/PE+ loader.☆52Updated 10 years ago
- Basic Injector running on x64 machines that is able to load into x64 AND x86 processes☆21Updated 6 years ago
- A library that allows hook any imported function from the IAT (works only in x64)☆11Updated 6 years ago
- exploit termdd.sys(support kb4499175)☆59Updated 5 years ago
- This tool allows you to stealthily inject a DLL into a process.☆14Updated 9 years ago
- A working version of this tutorial: https://docs.microsoft.com/en-us/windows/desktop/rpc/tutorial☆16Updated 5 years ago
- A Proof-of-Concept win32 DLL that makes use of netbios session token replay to propagate through a Windows Domain☆26Updated 7 years ago
- Exploiting HEVD's WriteWhatWhereIoctlDispatch for LPE on Windows 10 TH2 through RS3 using GDI objects.☆24Updated 7 years ago
- A simple native code virtualizer for 32-bit Windows PE☆15Updated 9 years ago
- 一个早期的抗启发式查杀的WIN32免杀壳☆43Updated 11 years ago
- This project has been moved from a private repository☆26Updated 6 years ago