List all drives and select removable only
Here is how to list all removable devices for infecting them or to perform other operations: #include <windows.h> #include <iostream> #include <conio.h> using namespace std; void...
Antivirus killer with AFX Rootkit
This is my new antivirus killer, AFX KillAV. This program blocks execution of antivirus software. AFX Windows Rootkit 2003 is used to hide the process of this program. Features: Run on Windows startup....
Determine all available process id's
This is a function I wrote to help me determine all IDs of a process name nice and easy: #include <iostream> #include <windows.h> #include <Psapi.h> #include <TlHelp32.h>...
Detect debugger with TLS callback
A TLS callback is a function that is called before the process entry point executes. If you run the executable with a debugger, the TLS callback will be executed before the debugger breaks. This means you...
DEMO PatchGuard disabling code for up-to-date Win8.1
Is there anyone who is interested in testing my PatchGuard disabling code for up-to-date Win8.1? https://www.youtube.com/watch?v=mGl_6ekbtKw source download: https://github.com/tandasat/findpg...
need help with sniff in the last version of FireFox 28.0
Where should I hook functions in the last version of FireFox 28.0? nspr4.dll and nss3.dll for some reason no longer work. Do the functions PR_OpenTCPSocket, PR_Close, PR_Read,...
[Quick tutorial] Finding Kernel32 Base and walking its export table.
Hey all, I'll just begin as the title says it all. Only basic PE-format and assembly knowledge are required. The baby steps of any parasitic PE virus should be finding the Kernel32 base in the current...
SSDT PROcess and protect rootkit
Hello to all especially to zwclose7 share has come from the following code developed ... everything is complete without no problem .... it is detected by some antivirus few knew it and its function is...
How to kill antivirus process using c++?
Hi all, I want to kill AV process using c++! I tried A LOT of methods... 1) Used good old TerminateProcess(). 2) Used code cave injection. 3) Used DLL injection. Trying to kill Avast 7 AvastUI.exe. Im...
Problem - Inject x64 DLL into x64 PE File
Hello, I have a problem with injecting a 64-bit DLL into a 64-bit exe file, and I don't know what I should do. In 32-bit I have used PE-Inject and learned from it. Can anyone help me with information...
String hash generator
Hello, this is my first string hash generator. It takes a string as an input parameter and computes its hash. One use of the generated hash is to resolve an API address by hash. The program can parse the...
Correction for DIDATAFORMAT_Enum
While using API Monitor to debug a DirectInput issue, I came across a minor problem with the parameter decoding for the DIDATAFORMAT_Enum structure (defined in the dinput.h.xml). Currently the...
Writing shellcode in C++
Most shellcode is written in assembly language. However, it is possible to write shellcode in pure C++ without using assembly language. The following program injects shellcode into another process....
where is intelligence?
Imagine this is the brain of a simple worm. It answers to input (neurons without text), checks conditions (pain, pleasure, cold, heat, smell of food), sends a command to the executive part of the brain that sends commands...
Introduce Yourself
Introduce yourself, what you program, how you found us. Nice to see new members and who they are
i love this website
This web site not a something other than teach me all that I miss schooling, you know what I mean. I swear some source code I have been expressed online as creation has been I decide the creation of a...
Close Process by find a specific DLL inside it
Hi, I am using CreateProcess to spawn svchost in suspended state then I inject my DLL but when i want to end the process to re-inject for example there are many svchost processes so it is difficult...
svchost DLL Injector
Should be useful to some; #include <Windows.h> #include <Tlhelp32.h> #include <Shlwapi.h> #include <Tchar.h> char g_szInjectorPath[MAX_PATH] = ""; char szTarget[] =...
[ASK]Protecting the Process from the ring0
Hello there, is there anyone who can give me a sample of how to protect a process from ring0? Or just a little example of how to switch to ring0? I found this code:...