0xTalShang / WindowsKernel
windwos内核研究与驱动Code
☆60Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for WindowsKernel
- 简单安排一下 autochk.sys 这个rootkit☆67Updated last year
- IDA Python script for generating Windows x86 shellcode with one click☆35Updated last year
- 沙箱测试,测评国内常见沙箱的代码与结论☆98Updated 3 years ago
- https://key08.com/index.php/2021/10/19/1375.html☆62Updated 2 years ago
- Windows Kernel Knowledge && Collect Resources on the wire && Nothing innovation by myself &&☆52Updated this week
- 通过ACPI检测沙箱☆43Updated last year
- power-kill is a project that kill protected processes (such as EDR or AV) by injecting shellcode into high privilege processes☆46Updated 3 years ago
- Kill Protected Process Light Process (include av)☆54Updated last year
- 大数字驱动逆向代码☆65Updated last year
- demo抛砖引玉作为一个思路,此思路再魔改一下是可以连着主动防御整个关掉的,还在用,就不演示了☆8Updated 2 years ago
- ☆30Updated 4 years ago
- 通杀检测基于白文件patch黑代码的免杀技术的后门☆101Updated 3 months ago
- ☆89Updated 3 years ago
- 一个加壳工具☆62Updated 5 years ago
- 具备对PE文件添加区段、添加花指令、对代码段加密、修复重定位、加密IAT等功能☆58Updated 4 years ago
- ☆22Updated 3 years ago
- 白文件扫描器 非公开☆26Updated 3 years ago
- 免杀计划任务进行权限维持,过主流杀软。 A schtask tool bypass anti-virus☆66Updated 2 years ago
- 模仿操作系统,加载pe文件到内存中☆71Updated 5 years ago
- ☆36Updated 4 years ago
- WINDOWS黑客編程技術詳解 [Windows-Hack-Programming backup]☆41Updated 5 years ago
- Beacon compiled using clang☆59Updated last year
- ☆23Updated 2 years ago
- 内存加载DLL 支持X86和X64(Memory PELoader Support X86 and X64)☆30Updated last year
- 过360拦截加载无驱动签名☆59Updated 3 years ago
- Windows CVE主防(HIPS/HIDS)☆54Updated 3 years ago
- [windows]pe -> shellcode -> shellcodeLoader -> (pe2shellcode go on?)☆75Updated 2 years ago
- Hide processes, files, services in Windows ring3☆21Updated 5 months ago