ytk2128 / api-monitor32

Related projects ⓘ

Alternatives and complementary repositories for api-monitor32

• 0xMegaByte / COM-Explained
  ☆27Updated 2 years ago
• ph4s3tw0 / GetProcAddressCaseStudies
  Six cases demonstrating methods of optimizing GetProcAddress
  ☆17Updated 2 years ago
• 0vercl0k / inject
  Yet another Windows DLL injector.
  ☆38Updated 2 years ago
• 7eRoM / elam
  A Practical example of ELAM (Early Launch Anti-Malware)
  ☆30Updated 3 years ago
• waleedassar / SyscallNumberFinder
  ☆32Updated 3 years ago
• hMihaiDavid / addscn
  Add an empty section to a PE file
  ☆49Updated 7 years ago
• jbaines-r7 / dellicious
  Enabled / Disable LSA Protection via BYOVD
  ☆62Updated 2 years ago
• uvbs / NT-APC-Injector
  APC DLL Injector with NtQueueApcThread and wake up thread support
  ☆44Updated 7 years ago
• OxNinja / C-VM
  My try to implement a virtual CPU in C
  ☆19Updated 11 months ago
• jackullrich / TRunPE
  A modified RunPE (process hollowing) technique avoiding the usage of SetThreadContext by appending a TLS section which calls the original…
  ☆92Updated 5 years ago
• alfarom256 / PebLdr
  ☆15Updated 3 years ago
• therealdreg / cgaty
  Hooking the GDT - Installing a Call Gate. POC for Rootkit Arsenal Book Second Edition (version 2022)
  ☆69Updated last year
• iammaguire / Salient-Rootkit
  A kernel mode Windows rootkit in development.
  ☆49Updated 2 years ago
• AlionGreen / apc-injection
  Process Injection: APC Injection
  ☆27Updated 3 years ago
• AzAgarampur / byeintegrity3-uac
  Bypass UAC by abusing the Security Center CPL and hijacking a shell protocol handler
  ☆26Updated 3 years ago
• rad9800 / VehApiResolve
  ☆98Updated 2 years ago
• Jb05s / Exploit-Dev-C
  ☆22Updated 4 years ago
• ch3rn0byl / WinDbg-Extensions
  ☆17Updated 3 years ago
• m417z / LdrDllNotificationHook
  Hook all callbacks which are registered with LdrRegisterDllNotification
  ☆81Updated last year
• ASkyeye / CVE-2018-19320
  Exploiting ring0 memcpy-like functionality to disable Driver Signing Enforcement (DSE)
  ☆20Updated 4 years ago
• rbmm / DirectSysCall
  ☆12Updated last year
• Flawww / ObfuscatedJumpGenerator
  Dynamically generated obfuscated jumps and/or function calls
  ☆33Updated last year
• mobdk / CloneProcess
  Clone running process with ZwCreateProcess
  ☆58Updated 4 years ago
• d35ha / PEReflectiveInjection
  Remote PE reflective injection with a simple reflective loader
  ☆29Updated 5 years ago
• st4ckh0und / hook-buster
  A compact tool for detecting AV/EDR hooks in default Windows libraries.
  ☆29Updated 2 years ago
• jnastarot / cleancall
  Library for using direct system calls
  ☆35Updated 4 years ago
• yardenshafir / CallbackObjectAnalyzer
  Dumps information about all the callback objects found in a dump file and the functions registered for them
  ☆34Updated 4 years ago