y11en / PEBFakeLinks
PEBFake(修改PEB 伪装当前进程路径、参数等)
☆51Updated 4 years ago
Alternatives and similar repositories for PEBFake
Users that are interested in PEBFake are comparing it to the libraries listed below
Sorting:
- ☆26Updated 7 years ago
- 绕过卡巴斯基主动防御,加载驱动,unhook所有ssdt hook及shadow ssdt hook☆37Updated 9 years ago
- Open-source EDR kernel-component for system monitoring and DLL injection☆31Updated 4 years ago
- x86/x64 dll injector☆31Updated 3 years ago
- A kernel mode Windows rootkit in development.☆49Updated 3 years ago
- Windows CVE主防(HIPS/HIDS)☆55Updated 4 years ago
- 参考taviso的代码逆向一下mpengine.dll☆20Updated 3 years ago
- Windows Sandbox Framework☆39Updated 3 years ago
- 一个早期的抗启发式查杀的WIN32免杀壳☆44Updated 12 years ago
- From 32-bit process to 64-bit process☆70Updated 4 years ago
- windows rpc 使用MIDL+RPC实现HelloWorld☆23Updated 7 years ago
- Load Dll into Kernel space☆38Updated 2 years ago
- Enumerate the DLLs/Modules using NtQueryVirtualMemory☆32Updated 10 years ago
- Easily hook WIN32 x64 functions☆18Updated 5 months ago
- Rapid generation ShellCode☆60Updated 7 years ago
- https://key08.com/index.php/2021/10/19/1375.html☆69Updated 3 years ago
- Call NtCreateUserProcess directly as normal.☆72Updated 3 years ago
- shellcode注入测试工具☆50Updated 5 years ago
- exploit termdd.sys(support kb4499175)☆59Updated 6 years ago
- inject dll from kernal mode to user mode process use Apc☆33Updated 5 years ago
- A simple program to obfuscate code written in cpp.☆50Updated last year
- sc4cpp is a shellcode framework based on C++☆90Updated 3 years ago
- A working version of this tutorial: https://docs.microsoft.com/en-us/windows/desktop/rpc/tutorial☆16Updated 6 years ago
- a dkom rootkit that targets windows x64 systems. the rootkit hooks and edits criticl memory sections in order to hide different resources…☆18Updated 2 years ago
- c++ implementation of windows heavens gate☆72Updated 4 years ago
- 基于UC的启发式杀毒引擎[还没做完]☆34Updated 4 years ago
- A collection of cpuid instruction implementations for anti-vm purposes.☆9Updated last year
- ☆33Updated 3 years ago
- A simple parser(library) which extracts shimcache data from windows.☆15Updated 6 years ago
- windows inlinehook R3 R0☆11Updated 7 years ago