zodiacon / ApiSetView
API Set Viewer
☆84 Updated 4 years ago
Related projects
Alternatives and complementary repositories for ApiSetView
- ☆60 Updated 9 months ago
- ☆67 Updated last year
- Run Processes as PPL with ELAM ☆146 Updated 2 years ago
- Run any executable as SYSTEM account (no service required) ☆121 Updated 5 months ago
- Explore Job Objects on a Windows system ☆80 Updated 5 years ago
- A novel technique to communicate between threads using the standard ETHREAD structure ☆110 Updated 3 years ago
- File system minifilter driver for Windows to block symbolic link attacks. ☆51 Updated 3 years ago
- ☆78 Updated 2 years ago
- Combining Sealighter with unpatched exploits to run the Threat-Intelligence ETW Provider ☆162 Updated last year
- Simple project that demonstrates how an ETW consumer can be created just by using NTDLL ☆134 Updated 5 years ago
- Some Code Samples for Windows based Inter-Process-Communication (IPC) ☆158 Updated 8 months ago
- Monitors ETW for security relevant syscalls maintaining the set called by each unique process ☆49 Updated last year
- The Console Monitor Driver is a KMDF kernel-mode filter driver that captures certain Fast I/O operations (input and output) that are sent … ☆36 Updated 2 years ago
- ☆68 Updated 2 years ago
- Demos and presentation from SECArmy Village Grayhat 2020 ☆36 Updated last year
- C++ library for low-level Windows development ☆71 Updated 6 months ago
- A WinDbg extension to trace COM interactions ☆110 Updated 9 months ago
- A command-line RPC method enumerator, born out of RPCView's awesomeness ☆98 Updated 5 years ago
- https://blog.f-secure.com/hiding-malicious-code-with-module-stomping/ ☆112 Updated 5 years ago
- Local OXID Resolver (LCLOR) : Research and Tooling ☆33 Updated 3 years ago
- Code samples that serve as references for Windows API functions ☆12 Updated 5 months ago
- Command-line tool to print mitigation flags for running processes in a memory dump ☆44 Updated 4 years ago
- ☆24 Updated 11 months ago
- A tool for detecting manual/direct syscalls in x86 and x64 processes using Nirvana Hooks. ☆104 Updated 2 years ago
- Sysmon shenanigans ☆65 Updated 4 years ago
- A helper utility for creating shellcodes. Cleans MASM file generated by MSVC, gives refactoring hints. ☆156 Updated 3 months ago
- Enumerate various traits from Windows processes as an aid to threat hunting ☆183 Updated 2 years ago
- ☆17 Updated 3 years ago
- Files for http://blog.deniable.org/posts/windows-callbacks/ ☆67 Updated 2 years ago
- Weaponizing Gigabyte driver for priv escalation and bypass PPL ☆68 Updated 5 years ago