5 skills found
hlldz / RefleXXion: RefleXXion is a utility designed to aid in bypassing user-mode hooks utilised by AV/EPP/EDR etc. In order to bypass the user-mode hooks, it first collects the syscall numbers of the NtOpenFile, NtCreateSection, NtOpenSection and NtMapViewOfSection found in the LdrpThunkSignature array.
danielkrupinski / OneByteLdr: Bypass for CS:GO's LoadLibrary injection prevention mechanism, achieved by patching one byte of game memory.
SegaraRai / PathRedirector: Rewrites filepath on file I/O by hooking NtCreateFile, NtOpenFile and NtSetInformationFile.
Dess1e / Ntdll Ntopenfile Hook: The simplest detour hook of ntdll function
JoasASantos / DirectSyscall Example: Example of direct syscalls in Windows using NtOpenFile and NtClose Syscalls