├── BOF
    ├── InstallHooks.c
    ├── InstallHooks.x64.o
    ├── MemFiles.c
    ├── MemFiles.x64.o
    ├── beacon.h
    └── bofdefs.h
├── MemFiles.cna
├── MemFiles_Demo.gif
├── PIC
    ├── Bin
    │   ├── NtClose.x64.bin
    │   ├── NtCreateFile.x64.bin
    │   ├── NtFlushBuffersFile.x64.bin
    │   ├── NtOpenFile.x64.bin
    │   ├── NtQueryInformationFile.x64.bin
    │   ├── NtQueryVolumeInformationFile.x64.bin
    │   ├── NtReadFile.x64.bin
    │   ├── NtSetInformationFile.x64.bin
    │   ├── NtWriteFile.x64.bin
    │   └── asm.x64.o
    ├── Include
    │   ├── Core.h
    │   ├── Macros.h
    │   ├── Utils.h
    │   └── Win32.h
    ├── Scripts
    │   ├── Hasher
    │   ├── Hasher.c
    │   ├── Linker.ld
    │   └── extract.py
    └── Source
    │   ├── Asm
    │       └── x64
    │       │   └── asm.s
    │   ├── NtClose.c
    │   ├── NtCreateFile.c
    │   ├── NtFlushBuffersFile.c
    │   ├── NtOpenFile.c
    │   ├── NtQueryInformationFile.c
    │   ├── NtQueryVolumeInformationFile.c
    │   ├── NtReadFile.c
    │   ├── NtSetInformationFile.c
    │   ├── NtWriteFile.c
    │   ├── Utils.c
    │   └── Win32.c
├── README.md
└── makefile


/BOF/InstallHooks.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Octoberfest7/MemFiles/HEAD/BOF/InstallHooks.c


--------------------------------------------------------------------------------
/BOF/InstallHooks.x64.o:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Octoberfest7/MemFiles/HEAD/BOF/InstallHooks.x64.o


--------------------------------------------------------------------------------
/BOF/MemFiles.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Octoberfest7/MemFiles/HEAD/BOF/MemFiles.c


--------------------------------------------------------------------------------
/BOF/MemFiles.x64.o:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Octoberfest7/MemFiles/HEAD/BOF/MemFiles.x64.o


--------------------------------------------------------------------------------
/BOF/beacon.h:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Octoberfest7/MemFiles/HEAD/BOF/beacon.h


--------------------------------------------------------------------------------
/BOF/bofdefs.h:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Octoberfest7/MemFiles/HEAD/BOF/bofdefs.h


--------------------------------------------------------------------------------
/MemFiles.cna:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Octoberfest7/MemFiles/HEAD/MemFiles.cna


--------------------------------------------------------------------------------
/MemFiles_Demo.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Octoberfest7/MemFiles/HEAD/MemFiles_Demo.gif


--------------------------------------------------------------------------------
/PIC/Bin/NtClose.x64.bin:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Octoberfest7/MemFiles/HEAD/PIC/Bin/NtClose.x64.bin


--------------------------------------------------------------------------------
/PIC/Bin/NtCreateFile.x64.bin:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Octoberfest7/MemFiles/HEAD/PIC/Bin/NtCreateFile.x64.bin


--------------------------------------------------------------------------------
/PIC/Bin/NtFlushBuffersFile.x64.bin:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Octoberfest7/MemFiles/HEAD/PIC/Bin/NtFlushBuffersFile.x64.bin


--------------------------------------------------------------------------------
/PIC/Bin/NtOpenFile.x64.bin:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Octoberfest7/MemFiles/HEAD/PIC/Bin/NtOpenFile.x64.bin


--------------------------------------------------------------------------------
/PIC/Bin/NtQueryInformationFile.x64.bin:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Octoberfest7/MemFiles/HEAD/PIC/Bin/NtQueryInformationFile.x64.bin


--------------------------------------------------------------------------------
/PIC/Bin/NtQueryVolumeInformationFile.x64.bin:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Octoberfest7/MemFiles/HEAD/PIC/Bin/NtQueryVolumeInformationFile.x64.bin


--------------------------------------------------------------------------------
/PIC/Bin/NtReadFile.x64.bin:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Octoberfest7/MemFiles/HEAD/PIC/Bin/NtReadFile.x64.bin


--------------------------------------------------------------------------------
/PIC/Bin/NtSetInformationFile.x64.bin:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Octoberfest7/MemFiles/HEAD/PIC/Bin/NtSetInformationFile.x64.bin


--------------------------------------------------------------------------------
/PIC/Bin/NtWriteFile.x64.bin:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Octoberfest7/MemFiles/HEAD/PIC/Bin/NtWriteFile.x64.bin


--------------------------------------------------------------------------------
/PIC/Bin/asm.x64.o:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Octoberfest7/MemFiles/HEAD/PIC/Bin/asm.x64.o


--------------------------------------------------------------------------------
/PIC/Include/Core.h:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Octoberfest7/MemFiles/HEAD/PIC/Include/Core.h


--------------------------------------------------------------------------------
/PIC/Include/Macros.h:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Octoberfest7/MemFiles/HEAD/PIC/Include/Macros.h


--------------------------------------------------------------------------------
/PIC/Include/Utils.h:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Octoberfest7/MemFiles/HEAD/PIC/Include/Utils.h


--------------------------------------------------------------------------------
/PIC/Include/Win32.h:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Octoberfest7/MemFiles/HEAD/PIC/Include/Win32.h


--------------------------------------------------------------------------------
/PIC/Scripts/Hasher:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Octoberfest7/MemFiles/HEAD/PIC/Scripts/Hasher


--------------------------------------------------------------------------------
/PIC/Scripts/Hasher.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Octoberfest7/MemFiles/HEAD/PIC/Scripts/Hasher.c


--------------------------------------------------------------------------------
/PIC/Scripts/Linker.ld:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Octoberfest7/MemFiles/HEAD/PIC/Scripts/Linker.ld


--------------------------------------------------------------------------------
/PIC/Scripts/extract.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Octoberfest7/MemFiles/HEAD/PIC/Scripts/extract.py


--------------------------------------------------------------------------------
/PIC/Source/Asm/x64/asm.s:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Octoberfest7/MemFiles/HEAD/PIC/Source/Asm/x64/asm.s


--------------------------------------------------------------------------------
/PIC/Source/NtClose.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Octoberfest7/MemFiles/HEAD/PIC/Source/NtClose.c


--------------------------------------------------------------------------------
/PIC/Source/NtCreateFile.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Octoberfest7/MemFiles/HEAD/PIC/Source/NtCreateFile.c


--------------------------------------------------------------------------------
/PIC/Source/NtFlushBuffersFile.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Octoberfest7/MemFiles/HEAD/PIC/Source/NtFlushBuffersFile.c


--------------------------------------------------------------------------------
/PIC/Source/NtOpenFile.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Octoberfest7/MemFiles/HEAD/PIC/Source/NtOpenFile.c


--------------------------------------------------------------------------------
/PIC/Source/NtQueryInformationFile.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Octoberfest7/MemFiles/HEAD/PIC/Source/NtQueryInformationFile.c


--------------------------------------------------------------------------------
/PIC/Source/NtQueryVolumeInformationFile.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Octoberfest7/MemFiles/HEAD/PIC/Source/NtQueryVolumeInformationFile.c


--------------------------------------------------------------------------------
/PIC/Source/NtReadFile.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Octoberfest7/MemFiles/HEAD/PIC/Source/NtReadFile.c


--------------------------------------------------------------------------------
/PIC/Source/NtSetInformationFile.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Octoberfest7/MemFiles/HEAD/PIC/Source/NtSetInformationFile.c


--------------------------------------------------------------------------------
/PIC/Source/NtWriteFile.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Octoberfest7/MemFiles/HEAD/PIC/Source/NtWriteFile.c


--------------------------------------------------------------------------------
/PIC/Source/Utils.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Octoberfest7/MemFiles/HEAD/PIC/Source/Utils.c


--------------------------------------------------------------------------------
/PIC/Source/Win32.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Octoberfest7/MemFiles/HEAD/PIC/Source/Win32.c


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Octoberfest7/MemFiles/HEAD/README.md


--------------------------------------------------------------------------------
/makefile:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Octoberfest7/MemFiles/HEAD/makefile


--------------------------------------------------------------------------------