PEBFake (modifies the PEB to disguise the current process's path, arguments, etc.)
☆54 · Jan 19, 2021 · Updated 5 years ago
Alternatives and similar repositories for PEBFake
Users that are interested in PEBFake are comparing it to the libraries listed below
- v1 completes parsing of the PE header, sections, and import table ☆11 · Apr 16, 2018 · Updated 7 years ago
- It can extract functions from .dll, .exe, .sys and it works! :) ☆39 · Jun 11, 2019 · Updated 6 years ago
- Example library for how to dynamically/statically hook/intercept unmanaged functions and APIs ☆13 · Nov 9, 2022 · Updated 3 years ago
- ☆18 · Oct 12, 2014 · Updated 11 years ago
- Ready-to-use headers for Windows Kernel SSDT indices ☆11 · Apr 12, 2020 · Updated 5 years ago
- Microsoft Detours 4.0.1, MIT License, supports X86, X64, ARM, IA64 ☆12 · Apr 23, 2018 · Updated 7 years ago
- Zerokit shared code ☆17 · Mar 28, 2019 · Updated 6 years ago
- This project demonstrates an illegal read and write access to the kernel-mode data for both allocated by 3rd party drivers and EPROCESS … ☆13 · Mar 6, 2018 · Updated 7 years ago
- The basic version of the ring0 physical memory read/write tool ☆92 · Aug 18, 2019 · Updated 6 years ago
- This project has been moved from a private repository. ☆11 · May 4, 2018 · Updated 7 years ago
- ☆14 · Jul 28, 2018 · Updated 7 years ago
- Library for using direct system calls ☆35 · Jan 30, 2025 · Updated last year
- Windows 10 UAC bypass PoC using LaunchInfSection ☆35 · Aug 3, 2018 · Updated 7 years ago
- Hiding Win API ☆27 · Aug 14, 2019 · Updated 6 years ago
- LLVM Obfuscator / constexpr / PEB CALL API ☆182 · Jan 24, 2019 · Updated 7 years ago
- bypass CRC ☆12 · May 3, 2018 · Updated 7 years ago
- Commonly used code classes ☆13 · May 31, 2014 · Updated 11 years ago
- x64 usermode rootkit ☆211 · Apr 11, 2018 · Updated 7 years ago
- A PoC to demo modifying cmdline of the child process dynamically. It might be useful against process log tracing, AV or EDR. ☆41 · Dec 31, 2020 · Updated 5 years ago
- Collect different versions of Crucial modules. ☆145 · Jul 11, 2024 · Updated last year
- lz77win sources! lz77 is the compression software for the Windows platform. ☆24 · Apr 16, 2019 · Updated 6 years ago
- map driver to memory ☆26 · Aug 26, 2018 · Updated 7 years ago
- ☆17 · Feb 29, 2020 · Updated 6 years ago
- Using Undocumented NTDLL Functions to Read/Write/Delete File ☆18 · Jan 25, 2021 · Updated 5 years ago
- x64 HOOK library ☆18 · Jan 14, 2020 · Updated 6 years ago
- A reflexive driver loader to bypass Windows DSE (featuring a custom PE loader) ☆44 · Sep 1, 2018 · Updated 7 years ago
- PsSetCreateProcessNotifyRoutine/Ex/Ex2 hook ☆12 · May 30, 2024 · Updated last year
- Hiding a string from debuggers and decompilers ☆51 · Oct 16, 2019 · Updated 6 years ago
- MemoryRanger protects kernel data and code by running drivers and hosting data in isolated kernel enclaves using VT-x and EPT features. M… ☆232 · Jul 26, 2020 · Updated 5 years ago
- User-mode part of Zerokit platform ☆22 · Mar 30, 2019 · Updated 6 years ago
- Windows Manipulation Library (x64, User/Kernelmode) ☆77 · Oct 4, 2018 · Updated 7 years ago
- This project has been moved from a private repository ☆26 · Jun 4, 2018 · Updated 7 years ago
- Confirms the capability of Hardware-Accelerated Virtualization Technology. ☆10 · Feb 26, 2026 · Updated last week
- A class for scanning and restoring r3 hooks ☆10 · Aug 29, 2021 · Updated 4 years ago
- win32/x64 obfuscate framework ☆33 · Apr 16, 2019 · Updated 6 years ago
- Windows driver development kit with C++, mail: maguojun123@126.com ☆48 · Jul 15, 2019 · Updated 6 years ago
- Prototype of hijacking Windows driver dispatch routines in unmapped discardable sections ☆55 · Mar 30, 2019 · Updated 6 years ago
- Simple 32/64-bit PEs loader. ☆139 · Dec 19, 2018 · Updated 7 years ago
- Cross-platform library for parsing and building PE\PE+ formats ☆80 · Jul 31, 2022 · Updated 3 years ago