ssdt hook 框架的简单实现
☆14Jun 9, 2016Updated 9 years ago
Alternatives and similar repositories for SSDT_HOOK
Users that are interested in SSDT_HOOK are comparing it to the libraries listed below
Sorting:
- The windows kernel ssdt hook demo☆16Nov 5, 2018Updated 7 years ago
- An SSDT hook for Windows☆62Oct 27, 2017Updated 8 years ago
- SSDT_process_hide_protect☆10Jul 17, 2014Updated 11 years ago
- Kernel based monitor to check if specified process loads libraries only from allowed directories☆12May 21, 2020Updated 5 years ago
- A test project to try the new win32k.sys system call filtering mitigation in Windows 10☆15Mar 17, 2019Updated 6 years ago
- ☆16Oct 7, 2020Updated 5 years ago
- Example Windows Kernel-mode Driver which finds process ID by executable file name.☆18Nov 23, 2019Updated 6 years ago
- ☆33Dec 22, 2020Updated 5 years ago
- Process hide tool based on Frost driver☆16Dec 5, 2018Updated 7 years ago
- ☆43Nov 18, 2024Updated last year
- Windows注入内核感染导入表注入X64☆13Oct 20, 2018Updated 7 years ago
- Simple command line version of Sysinternals WinObj. Currently just lists object names and types given an object manager directory.☆22Sep 4, 2023Updated 2 years ago
- 绕过卡巴斯基主动防御,加载驱动,unhook所有ssdt hook及shadow ssdt hook☆38Sep 27, 2015Updated 10 years ago
- ☆36Mar 22, 2017Updated 8 years ago
- ☆13Sep 17, 2020Updated 5 years ago
- Simple test for RDP client in .NET☆22May 1, 2013Updated 12 years ago
- An open source library for operating the Windows Overlay Filter driver.☆22Jan 16, 2019Updated 7 years ago
- Windows file system minifilter driver which generates backup copies of certain files before they change☆47Oct 13, 2018Updated 7 years ago
- ☆16Apr 23, 2019Updated 6 years ago
- A windows userland executable monitor☆23Jul 30, 2020Updated 5 years ago
- ☆21Feb 12, 2026Updated 3 weeks ago
- Black Signature Driver☆24Oct 20, 2023Updated 2 years ago
- Feature-rich C99 library for memory scanning purposes, designed for Windows running machines, meant to work on both 32-bit and 64-bit por…☆31Feb 7, 2026Updated 3 weeks ago
- A simple rootkit to hide a process☆47Jan 10, 2014Updated 12 years ago
- A C++ wrapper library around Windows WFP API which greatly simplifies the usage of the tedious WFP API☆23Aug 2, 2023Updated 2 years ago
- ☆11Dec 21, 2020Updated 5 years ago
- NT reversal☆25Jul 12, 2018Updated 7 years ago
- ☆24Feb 18, 2018Updated 8 years ago
- Sysark全称system anti-rootkit,是我学习内核写的工具(2013年的代码,后续不会再更新),里面基本上所有的功能都是用内核实现的。这里只是实现了反rootkit部分功能,作为工具的话,本人觉得还欠完善,但作为学习,或有人需要。目前针对的是XP SP2,…☆27Dec 26, 2017Updated 8 years ago
- driver manual mapper☆28Jan 28, 2020Updated 6 years ago
- Шаблон полнофункционального драйвера и обёртки над ядерным API☆114Aug 28, 2016Updated 9 years ago
- ☆28Jan 18, 2026Updated last month
- Yet Another Sig Scanner☆34Jul 18, 2018Updated 7 years ago
- Sample libraries to be used with IAT Patcher☆37Oct 1, 2022Updated 3 years ago
- 之前学习X64VT写的代码,很多坑,但是大体的逻辑还是完整的。�现发出来给更多想学VT的人参考...☆71Apr 26, 2021Updated 4 years ago
- An example driver for Windows that shows how to set-up some basic components of the Windows Filtering Platform☆205Jul 6, 2022Updated 3 years ago
- Static library and headers for linking your software with ntdll.dll☆37Dec 16, 2019Updated 6 years ago
- Files for http://blog.deniable.org/posts/windows-callbacks/☆77Feb 26, 2022Updated 4 years ago
- Example WDF/KMDF driver and test app demonstrating the "inverted call model"☆37May 1, 2020Updated 5 years ago