DarthTon / Polychaos
PE permutation library
☆259 · Updated last year
Related projects:
- C++17 PE manualmapper ☆244 · Updated 2 years ago
- x64 usermode rootkit ☆199 · Updated 6 years ago
- PatchGuard Research ☆290 · Updated 5 years ago
- driver mapper / capcom wrapper ☆213 · Updated 4 years ago
- RootKit & Cheat Scanner - Windows ☆212 · Updated 5 years ago
- ☆239 · Updated this week
- A modern C++ implementation of Windows Heaven's Gate ☆193 · Updated 4 years ago
- Simple VM based x86 PE (portable executable) protector. ☆325 · Updated 9 years ago
- This program remaps its image to prevent the page protection of pages contained in the image from being modified via NtProtectVirtualMemo… ☆556 · Updated 5 years ago
- ☆155 · Updated this week
- Detecting execution of kernel memory that is not backed by any image file ☆252 · Updated 6 years ago
- ☆390 · Updated 7 years ago
- ☆160 · Updated 7 years ago
- Open-source user-mode Anti-Anti-Debug plugin for x64dbg & cheatengine. ☆187 · Updated 7 years ago
- Windows kernelmode and usermode IAT hook ☆140 · Updated 3 years ago
- A library to manipulate physical memory from usermode. ☆288 · Updated last year
- Elevate a process to be a protected process ☆140 · Updated 5 years ago
- Simple code to manipulate the memory of a usermode process from kernel. ☆259 · Updated 7 years ago
- A wrapper library around native Windows system APIs ☆417 · Updated 3 years ago
- Obfuscates all RTTI (Run-time type information) inside a binary ☆188 · Updated 6 years ago
- SimpleSvmHook is a research purpose hypervisor for Windows on AMD processors. ☆345 · Updated 3 years ago
- AntiDebugging sample sources written in C++ ☆333 · Updated 6 years ago
- Windows IME-based DLL injection. Able to inject a DLL without OpenProcess or a process handle being necessary. ☆177 · Updated 10 years ago
- Asynchronous Procedure Calls ☆185 · Updated 3 years ago
- Hide Driver By MiProcessLoaderEntry ☆279 · Updated 5 years ago
- A library to read physical memory and system-wide virtual memory. ☆119 · Updated 6 years ago
- Import address table (IAT) hooking is a well documented technique for intercepting calls to imported functions. ☆210 · Updated 6 years ago
- This DKOM exploit enables any app in usermode to access physical memory directly ☆216 · Updated 6 years ago
- Hooking kernel functions by abusing alignment ☆238 · Updated 3 years ago
- A x64 Windows Rootkit using SSDT or Hypervisor hook ☆477 · Updated this week