sc4cpp is a shellcode framework based on C++
☆95Aug 29, 2021Updated 4 years ago
Alternatives and similar repositories for sc4cpp
Users that are interested in sc4cpp are comparing it to the libraries listed below
Sorting:
- c++ implementation of windows heavens gate☆70Feb 12, 2021Updated 5 years ago
- 利用物理内存映射,实现虚拟内存的伪隐藏☆86Sep 15, 2022Updated 3 years ago
- Using NtCreateFile and NtDeviceIoControlFile to realize the function of winsock(利用NtCreateFile和NtDeviceIoControlFile 实现winsock的功能)☆128Sep 9, 2022Updated 3 years ago
- a monitoring windows driver calls kernel api tools☆126Jul 5, 2024Updated last year
- https://key08.com/index.php/2021/10/19/1375.html☆71May 11, 2022Updated 3 years ago
- Some source code to demonstrate avoiding certain direct syscall detections by locating and JMPing to a legitimate syscall instruction wit…☆218Feb 20, 2023Updated 3 years ago
- shellcode 生成框架☆290Mar 23, 2022Updated 3 years ago
- Library for using direct system calls☆36Jan 30, 2025Updated last year
- About C# loader that copies a chunk at the time of the shellcode in memory in a suspended process, rather that all at once☆13Jul 14, 2022Updated 3 years ago
- Hook NtDeviceIoControlFile with PatchGuard☆107May 10, 2022Updated 3 years ago
- Code Injection, Inject malicious payload via pagetables pml4.☆243Jul 7, 2021Updated 4 years ago
- ☆27Jan 4, 2024Updated 2 years ago
- Call 32bit NtDLL API directly from WoW64 Layer☆62Nov 18, 2020Updated 5 years ago
- An experimental dynamic malware unpacker based on Intel Pin and PE-sieve☆63Aug 21, 2024Updated last year
- A kernel mode Windows rootkit in development.☆49Dec 31, 2021Updated 4 years ago
- 自用的shellcode生成框架☆33Jul 5, 2023Updated 2 years ago
- Fast Conversion Windows Dynamic Link Library To ShellCode☆420Mar 10, 2022Updated 3 years ago
- Transacted Hollowing - a PE injection technique, hybrid between ProcessHollowing and ProcessDoppelgänging☆580Mar 8, 2024Updated last year
- Call NtCreateUserProcess directly as normal.☆77May 17, 2022Updated 3 years ago
- Radical Windows ARK☆251Apr 18, 2025Updated 10 months ago
- 使用纯C/C++编写的ShellCode生成框架☆452May 25, 2019Updated 6 years ago
- Bypasses for Windows kernel callbacks PatchGuard protection☆44Aug 15, 2021Updated 4 years ago
- ☣️ Necro Stealer + Web Panel☆10May 2, 2020Updated 5 years ago
- ☆11Jan 29, 2021Updated 5 years ago
- UnhookMe is an universal Windows API resolver & unhooker addressing problem of invoking unmonitored system calls from within of your Red …☆349Jul 3, 2022Updated 3 years ago
- A modified RunPE (process hollowing) technique avoiding the usage of SetThreadContext by appending a TLS section which calls the original…☆97Sep 26, 2019Updated 6 years ago
- Detect-KeAttachProcess by iterating through all processes as well as checking the context of the thread.☆121Feb 8, 2022Updated 4 years ago
- Easy Anti PatchGuard☆223Apr 9, 2021Updated 4 years ago
- Kernel-based memory hacking framework communicating with a kernel driver via sockets.☆97May 25, 2021Updated 4 years ago
- DarkRat source - beware untested source and resources.☆21Dec 7, 2019Updated 6 years ago
- ☆74Jul 23, 2021Updated 4 years ago
- InfinityHookPro Win7 -> Win11 latest☆551Feb 7, 2023Updated 3 years ago
- Single stub direct and indirect syscalling with runtime SSN resolving for windows.☆140Sep 12, 2022Updated 3 years ago
- Detect removed thread from PspCidTable.☆75Mar 18, 2022Updated 3 years ago
- Upsilon execute shellcode with syscalls - no API like NtProtectVirtualMemory is used☆92Aug 26, 2021Updated 4 years ago
- 使用 Intel 虚拟化特性实现应用层HOOK☆65Sep 11, 2025Updated 5 months ago
- Extracting Syscall Stub, Modernized☆65Apr 2, 2022Updated 3 years ago
- 这是一个基于gh0st远程控制的项目,使自己更深入了解远控的原理,采用VS2017,默认分支hijack还在修改不能执行,master分支的项目可以正常的运行的,你可以切换到该分支查看可以执行的代码☆524Oct 14, 2020Updated 5 years ago
- etw hook (syscall/infinity hook) compatible with the latest Windows version of PG☆324Apr 27, 2024Updated last year