takedetour
WinPriv
takedetour | WinPriv |
---|---|
1 | 1 |
30 | 33 |
- | - |
2.8 | 5.0 |
about 2 months ago | 3 months ago |
C++ | C++ |
MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
takedetour
-
Implementing Global Injection and Hooking in Windows
If you need to hook methods in a remote process (and also inject payload), you may also consider the Detours library [1]. It has a straightforward API and its repository contains many interesting samples. One thing I was missing in the library was a function to inject code into a running process. So I wrote takedetour [2] which I use as a template for my other projects. Maybe you will find it useful as well.
[1] https://github.com/microsoft/Detours
[2] https://github.com/lowleveldesign/takedetour
WinPriv
-
Restore shadow copies from CLI
For some stupid reason, Microsoft decided to guard the revert function in `vssadmin` on Windows 10. I wrote a generic program to lie to vssadmin and allow the extra functionality that you can download from here: https://github.com/NoMoreFood/WinPriv/releases.
What are some alternatives?
gpu_clock_stabilizer - Simple GPU clock stabilizer for consistent profiling
NSudo - [Deprecated, work in progress alternative: https://github.com/M2Team/NanaRun] Series of System Administration Tools
Microsoft Research Detours Package - Detours is a software package for monitoring and instrumenting API calls on Windows. It is distributed in source code form.
x64dbg - An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.
herpaderping - Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.
BLUESPAWN - An Active Defense and EDR software to empower Blue Teams
RIP - Free, open-source, cross-platform agent and post-exploitation tool written in Golang and C++.
keepassxc - KeePassXC is a cross-platform community-driven port of the Windows application “Keepass Password Safe”.