AMSI bypass techniques and tools
Updated Mar 22, 2023 - PowerShell
A DLL injection of RdpThief.dll to perform API hooking and extract RDP credentials
Introducing the EPROCESS struct and demonstrating some of the effects it may have on the system
List of ConDrv IOCTL codes
POC project to demonstrate how to make a process (or a thread) critical. If such process (or thread) is terminated, this will cause a BSOD.
Microsoft Developer Blogs Search Tool
WinDBG notes and commands cheatsheet
Solutions to Windows Kernel Programming exercises by Pavel Yosifovich
Just a PoC for an Alternate Data Stream shellcode loader
Standard and DLL Manual Mapping
Basic implementation of the Windows loader in Rust
LeakGuard is a project to prevent the use of leaked passwords.
Just another process dumping tool for Windows, supporting network delivery and snapshots
OBOE - Origami Binary for Objects and Executables
In this repo I will try to talk about Windows internals and try to summarize the course.
Read and edit an external application's memory address space with ease (Windows OS)
Hollow is a tool for implementing the process hollowing technique.
PE32+ / 64-bit / LoadLibrary without imports table.