TitanHide
Process Hider
A tool that hides processes from kernel debugger detection and analysis by modifying the behavior of various system calls.
Hiding kernel-driver for x86/x64.
2k stars
81 watching
421 forks
Language: C
last commit: about 1 year ago anti-debuggingdriverhacktoberfestrootkitwindows
Related projects:
| Repository | Description | Stars |
|---|---|---|
 voidzero/omz-plugin-psgrep | A plugin that hides its own process from the results of a ps aux | grep command by expanding the pattern to match only part of the process name. | 0 |
 omerya/invisi-shell | A tool to hide PowerShell scripts from security features by hooking .Net assemblies | 1,117 |
 hasherezade/hollows_hunter | Analyzes running processes to detect and dump malicious code | 2,047 |
 m0nad/diamorphine | A Linux kernel module designed to create a stealthy backdoor and hide processes or users from system administrators. | 1,865 |
 rasta-mouse/ppenum | A tool to determine the protection level of a process using a simple Binary Object Formatter (BOF) approach. | 111 |
 usualsuspect/malscan | A tool to detect and analyze malicious code in process memory by executing Python scripts on YARA matches | 12 |
 redsection/offensiveph | A tool that utilizes an old driver to bypass user-mode access controls and inject malicious code into processes | 329 |
 phackt/stager.dll | A tool that embeds known payloads to evade detection by Windows Defender | 170 |
 octoberfest7/kdstab | A tool used to bypass Windows Defender by manipulating process integrity and privileges | 156 |
 mgeeky/stracciatella | A tool to bypass security features in PowerShell and create an unmanaged environment for executing malicious code | 509 |
 trapexit/scorch | A tool to catalog files and their hashes to help in discovering file corruption, missing files, duplicates, etc. | 199 |
| rasta-mouse/tikitorch | A tool for injecting shellcode into processes on Windows using process injection techniques | 753 |
 secrary/makin | An analysis tool that reveals anti-debugging and anti-VM techniques used by malware samples. | 735 |
 yardenshafir/mitigationflagsclitool | Prints mitigation policy information for processes in a memory dump file. | 46 |
 niemand-sec/reclass.net-driverreader | A tool to read process memory in a game without AC bypassing | 89 |