0xTalShang / WindowsKernel
windwos内核研究与驱动Code
☆62Updated 3 years ago
Alternatives and similar repositories for WindowsKernel:
Users that are interested in WindowsKernel are comparing it to the libraries listed below
- 简单安排一下 autochk.sys 这个rootkit☆71Updated 2 years ago
- IDA Python script for generating Windows x86 shellcode with one click☆37Updated last year
- WINDOWS黑客編程技術詳解 [Windows-Hack-Programming backup]☆42Updated 5 years ago
- 沙箱测试,测评国内常见沙箱的代码与结论☆100Updated 3 years ago
- Windows Kernel Knowledge && Collect Resources on the wire && Nothing innovation by myself &&☆56Updated 2 months ago
- https://key08.com/index.php/2021/10/19/1375.html☆65Updated 2 years ago
- 一个加壳工具☆62Updated 5 years ago
- Remote Download and Memory Execute for shellcode framework☆91Updated 2 years ago
- 模仿操作系统,加载pe文件到内存中☆74Updated 5 years ago
- 复现《EDR的梦魇:Storm-0978使用新型内核注入技术“Step Bear”》☆128Updated 4 months ago
- 利用物理内存映射,实现虚拟内存的伪隐藏☆84Updated 2 years ago
- vs2019 环境 Gh0st编译通过☆11Updated 3 years ago
- 大数字驱动逆向代码☆71Updated last year
- 白文件扫描器 非公开☆26Updated 3 years ago
- 《Windows 内核安全编程技术实践》 系列丛书,探索 Anti RootKit 反内核工具核心原理与技术实现细节。☆51Updated 2 years ago
- Kill Protected Process Light Process (include av)☆56Updated last year
- 利用图片隐写术来远程动态加载shellcode☆95Updated 2 years ago
- 通杀检测基于白文件patch黑代码的免杀技术的后门☆152Updated 7 months ago
- ☆91Updated 3 years ago
- 隐藏可执行内存☆248Updated last year
- Windows CVE主防(HIPS/HIDS)☆54Updated 3 years ago
- power-kill is a project that kill protected processes (such as EDR or AV) by injecting shellcode into high privilege processes☆46Updated 3 years ago
- 《Windows内核编程》学习☆57Updated 4 years ago
- 过360拦截加载无驱动签名☆60Updated 3 years ago
- shellcode生成框架☆84Updated 8 months ago
- 一款linux下的安全产品目的是满足个人安全需求有SSH爆破防护和SYN攻击扫描防护功能,基于netfilter,☆19Updated last year
- A tool that expands the size of the text section in a PE file without loss, supporting both 32-bit and 64-bit programs.☆29Updated 10 months ago
- ☆30Updated last year