xiaoxiaozhu5 / shadow_tls
shadow tls
☆17Updated 2 years ago
Alternatives and similar repositories for shadow_tls:
Users that are interested in shadow_tls are comparing it to the libraries listed below
- IAT-Obfuscation to make static analysis of executable harder.☆42Updated 3 years ago
- ☆27Updated 2 years ago
- Load Dll into Kernel space☆38Updated 2 years ago
- ☆11Updated 3 years ago
- collection of code snippets,windbg,python scripts and resources☆13Updated 2 years ago
- Demo to show how write ALPC Client & Server using native Ntdll.dll syscalls.☆21Updated 3 years ago
- Tiny driver patch to allow kernel callbacks to work on Win10 21h1☆34Updated 3 years ago
- A kernel mode Windows rootkit in development.☆48Updated 3 years ago
- A compact tool for detecting AV/EDR hooks in default Windows libraries.☆31Updated 2 years ago
- Rookit and anti rookit on Windows platform☆12Updated 11 months ago
- ☆8Updated 10 months ago
- ☆30Updated last year
- Based on nt5src☆15Updated last year
- My try to implement a virtual CPU in C☆19Updated last year
- A C/C++/Asm template for PIC malware☆10Updated 6 months ago
- bootkit驱动映射,三环进程注入加载指定模块☆12Updated 6 months ago
- https://www.huorong.cn/☆14Updated last year
- WinHvShellcodeEmulator (WHSE) is a shellcode emulator leveraging the Windows Hypervisor Platform API☆22Updated 3 years ago
- Detect BypassUAC using AMSI☆22Updated 2 months ago
- An easy-to-use and powerful Macro for Stack Spoofing.☆20Updated 3 months ago
- Call NtCreateUserProcess directly as normal.☆71Updated 2 years ago
- ☆21Updated last year
- Anti-Analysis technique, trick the debugger by Hiding events from it.☆19Updated 3 years ago
- ☆16Updated 2 years ago
- Easily hook WIN32 x64 functions☆18Updated 2 months ago
- ☆9Updated 3 years ago
- Convert native dll to shellcode, and support exported function☆22Updated 4 years ago
- 关闭恶意驱动的文件和注册表保护☆12Updated 2 years ago
- neat way to detect memory read using nt layer function.☆14Updated last year
- Implementation of several code injection techniques.☆20Updated 3 years ago