whokilleddb / BoosterDriverLinks
A step-by-step walkthrough of how to write a Client and a Driver to communicate with each other and boost the priority of a thread.
☆17Updated 2 years ago
Alternatives and similar repositories for BoosterDriver
Users that are interested in BoosterDriver are comparing it to the libraries listed below
Sorting:
- Manually perform syscalls without going through any external API or DLL.☆19Updated 2 years ago
- ☆30Updated 5 months ago
- Your NTDLL vaccine from modern direct syscall methods.☆36Updated 3 years ago
- https://github.com/janoglezcampos/c_syscalls with the ASM rewritten by myself for Visual Studio's Compiler.☆33Updated last year
- Research into removing strings & API call references at compile-time (Anti-Analysis)☆28Updated last year
- ☆42Updated 11 months ago
- process hollowing variant using NtCreateSection + NtMapViewOfSection + ResumeThread☆31Updated 4 years ago
- ☆11Updated 2 years ago
- Research of modifying exported function names at runtime (C/C++, Windows)☆18Updated last year
- Simple and sane compression wrapper library.☆19Updated 3 years ago
- yet another sleep encryption thing. also used the default github repo name for this one.☆69Updated 2 years ago
- A class to emulate the behavior of NtQuerySystemInformation when passed the SystemHypervisorDetailInformation information class☆27Updated 2 years ago
- Reimplementation of the KExecDD DSE bypass technique.☆57Updated last year
- Callstack spoofing using a VEH because VEH all the things.☆23Updated 10 months ago
- Modify managed functions from unmanaged code☆53Updated last year
- havoc kaine plugin to mitigate PAGE_GUARD protected image headers using JOP gadgets☆43Updated last year
- A simple Linux in-memory .so loader☆33Updated 2 years ago
- Former Multi - Ring to Kernel To UserMode Transitional Shellcode For Remote Kernel Exploits☆31Updated 3 years ago
- Windows 10 DLL Injector via Driver utilizing VAD and hiding the loaded driver☆53Updated 2 years ago
- Next gen process injection technique☆54Updated 5 years ago
- A Practical example of ELAM (Early Launch Anti-Malware)☆36Updated 4 years ago
- Safely manage the unloading of DLLs that have been hooked into a process. Context: https://github.com/KNSoft/KNSoft.SlimDetours/discussio…☆81Updated 7 months ago
- A kernel driver to get a Handle to virtually *every* process☆13Updated 2 years ago
- A Bumblebee-inspired Crypter☆79Updated 3 years ago
- Evilbytecode-Gate resolves Windows System Service Numbers (SSNs) using two methods: analyzing the Guard CF Table in ntdll.dll and parsing…☆26Updated 9 months ago
- Small tool to play with IOCs caused by Imageload events☆44Updated 2 years ago
- Read ETW Provider events. Inspired by ETWExplorer by Pavel Yosifovich☆17Updated last year
- Listing UDP connections with remote address without sniffing.☆31Updated 2 years ago
- Proof-of-concept kernel driver that hijacks the Windows kernel extension table mechanism to preserve process notify callbacks even when a…☆92Updated 6 months ago
- This POC provides the possibilty to execute x86 shellcode in form of a .bin file based on x86 inline assembly☆20Updated 2 years ago