kogramat / Injectable.cpp
Created Dec 21, 2017 — forked from gavz/Injectable.cpp
Simple UserMode Hook Example
#include <windows.h>
#include <stdio.h>
FARPROC fpCreateProcessW;
BYTE bSavedByte;
// Blog Post Here:
// https://0x00sec.org/t/user-mode-rootkits-iat-and-inline-hooking/1108
// tasklist | findstr explore.exe
kogramat / inject.c
Created Dec 21, 2017 — forked from gavz/inject.c
Process Doppelgänging
//
// Ref = src
// https://www.blackhat.com/docs/eu-17/materials/eu-17-Liberman-Lost-In-Transaction-Process-Doppelganging.pdf
//
#include <Windows.h>
#include <ntstatus.h>
#include "ntos.h"
VOID ProcessDoppelgänging(