Cody2333 / SSDT_HOOK
ssdt hook 框架的简单实现
☆14Updated 8 years ago
Alternatives and similar repositories for SSDT_HOOK:
Users that are interested in SSDT_HOOK are comparing it to the libraries listed below
- x64 Kernel Hooks Detection☆24Updated 8 years ago
- [POC Detected]Bypass BE Anti Dll Injection (POC/Need Driver)☆14Updated 5 years ago
- by others☆38Updated 7 years ago
- Hook IDT vector 0xb2 to detect SCI in 64bit windows.☆34Updated 2 years ago
- Protected Process Light Library☆18Updated 4 years ago
- ☆23Updated 7 years ago
- ☆40Updated 5 years ago
- For Example. See Miro's Blog☆30Updated 2 years ago
- ☆26Updated 7 years ago
- The windows kernel ssdt hook demo☆16Updated 6 years ago
- ☆26Updated 7 years ago
- ☆36Updated 8 years ago
- ☆23Updated 7 years ago
- DllInject (Memory Load)☆10Updated 6 years ago
- ☆46Updated 7 years ago
- 粗暴地枚举管理内核的WFP对象。 Manage kernel WFPs in a brutal way.☆26Updated 7 years ago
- Sysark全称system anti-rootkit,是我学习内核写的工 具(2013年的代码,后续不会再更新),里面基本上所有的功能都是用内核实现的。这里只是实现了反rootkit部分功能,作为工具的话,本人觉得还欠完善,但作为学习,或有人需要。目前针对的是XP SP2,…☆27Updated 7 years ago
- viewing page boundaries of pages with PAGE_NOACCESS protection reveals the presence of x64dbg.☆23Updated 8 years ago
- 对debughelp的二次开发☆11Updated 2 years ago
- map driver to memory☆25Updated 6 years ago
- What makes it page☆17Updated 2 years ago
- An ark tool's driver☆40Updated 7 years ago
- A simple native code virtualizer for 32-bit Windows PE☆15Updated 9 years ago
- a demo for x86/x64's paging memory management learning, convert a virtual address from ring3 to physical address in ring0☆17Updated 7 years ago
- windows inlinehook R3 R0☆11Updated 6 years ago
- ☆12Updated 8 months ago
- Kernel Inject Process☆11Updated 7 years ago
- old code from 2007/2008 which uses split TLB to trace OEP☆16Updated 6 years ago
- PoC of BOOST-ed _EPROCESS.VadRoot iterating☆25Updated 10 years ago
- ☆31Updated 4 years ago