Waterman178

Waterman178's Stars

• mike1k/perses

  X86 Mutation Engine with Portable Executable compatibility.

  Language:C++47413768

• danielkrupinski/MemJect

  Simple Dll injector loading from memory. Supports PE header and entry point erasure. Written in C99.

  Language:C465202589

• horsicq/xntsv

  XNTSV program for detailed viewing of system structures for Windows.

  Language:QMake44716770

• MartinDrab/IRPMon

  The goal of the tool is to monitor requests received by selected device objects or kernel drivers. The tool is quite similar to IrpTracker but has several enhancements. It supports 64-bit versions of Windows (no inline hooks are used, only moodifications to driver object structures are performed) and monitors IRP, FastIo, AddDevice, DriverUnload and StartIo requests.

  Language:Pascal3682910896

• ez8-co/yapi

  💉 全能进程注入器 [Yet Another Process Injector] that reduce differences between x64, wow64 and x86 processes.

  Language:C++27414485

• kkent030315/anycall

  x64 Windows kernel code execution via user-mode, arbitrary syscall, vulnerable IOCTLs demonstration

  Language:C++2518560

• kindtime/nosferatu

  Windows NTLM Authentication Backdoor

  Language:C++2346046

• hzphreak/VMInjector

  DLL Injection tool to unlock guest VMs

  Language:C++23132183

• Compiled-Code/be-injector

  Language:C++2137061

• weak1337/BE-Shellcode

  Code for Battleyes shellcode

  Language:C++21210173

• HadesW/mhy_exp

  Mhy Exp (exploit signed driver)

  Language:C++1383049

• capt-meelo/NtCreateUserProcess

  Minimal PoC developed as discuss in https://captmeelo.com/redteam/maldev/2022/05/10/ntcreateuserprocess.html

  Language:C1279428

• glumb/mrc

  MicroPede robot controller 🤖🖥👾

  Language:C9818845

• Microwave89/rtsectiontest

  An Attempt to Bypass Memory Scanners By Misusing the ntdll.dll "RT" Section.

  Language:C9511547

• momo5502/ept-hook-detection

  Different aproaches to detecting EPT hooks

  Language:C++877021

• EBalloon/MapPage

  Mapping your code on a 0x1000 size page

  Language:C++706230

• ekknod/KiSystemStartupMeme

  Custom KiSystemStartup, can be used to modificate kernel before boot.

  Language:C525112

• Eva1216/MagicWall

  Language:C453148

• weak1337/BEShellcodeDumper

  Language:C++403016

• estimated1337/executor

  fecurity executor from factory

  Language:C++333027

• rtyuiow/vmware-backdoor

  vmware-backdoor

  Language:C++331116

• glumb/robotDK-MRC-driver

  A simple driver to control a MRC based robot with roboDK

  Language:Python27515

• polakow/WindowsBypassSMEP

  Example for PagedOut!

  Language:C243110

• misslng/boundcallback

  Language:C++233012

• AlgoPeek/ReadDirectoryChanges

  how to use ReadDirectoryChangesW by IO completion port on windows platform.

  Language:C++19319

• muturikaranja/disable-threat-tracing

  Disable threat tracing from the kernel..

  Language:C12208

• TheNNX/NNXOS64

  A 64 bit OS

  Language:C11004

• Zpes/discord-hook-injector

  Language:C++11205

• Zpes/copy-calling

  Language:C++5102

• Dark-Guan/mecanumbot-ros-pkg

  A ROS package for the Mecanumbot robot.

  Language:C++2200