Beast code in Giters

Reflective DLL injection is a library injection technique in which the concept of reflective programming is employed to perform the loading of a library from memory into a host process.

Language:CNOASSERTION000

Divert

WinDivert: Windows Packet Divert

NOASSERTION000

FilelessPELoader

Loading Remote AES Encrypted PE in memory , Decrypted it and run it

000

HyperDeceit

HyperDeceit is the ultimate all-in-one library that emulates Hyper-V for Windows, giving you the ability to intercept and manipulate operating system tasks with ease.

Language:C++MIT000

InfinityHook

Hook system calls, context switches, page faults and more.

000

InfinityHookPro

InfinityHookPro Win7 -> Win11 latest

MIT000

Inline-Execute-PE

Execute unmanaged Windows executables in CobaltStrike Beacons

Apache-2.0000

The goal of the tool is to monitor requests received by selected device objects or kernel drivers. The tool is quite similar to IrpTracker but has several enhancements. It supports 64-bit versions of Windows (no inline hooks are used, only moodifications to driver object structures are performed) and monitors IRP, FastIo, AddDevice, DriverUnload an

MIT000

kdmapper

KDMapper is a simple tool that exploits iqvw64e.sys Intel driver to manually map non-signed drivers in memory

MIT000

miniblink49

a lighter, faster browser kernel of blink to integrate HTML UI in your app. 一个小巧、轻量的浏览器内核，用来取代wke和libcef

Apache-2.0000

Nidhogg

Nidhogg is an all-in-one simple to use rootkit for red teams.

Language:C++BSD-2-Clause000

PrivKit

PrivKit is a simple beacon object file that detects privilege escalation vulnerabilities caused by misconfigurations on Windows OS.

GPL-3.0000

ProcessHacker

A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware—mirror of https://github.com/processhacker2/processhacker.git

NOASSERTION000