DavidXanatos / HideTS
DLL and API hooking example to hide running in a Terminal Session
☆17Updated 4 years ago
Alternatives and similar repositories for HideTS:
Users that are interested in HideTS are comparing it to the libraries listed below
- Debugger checks in 3 ways☆18Updated 7 years ago
- Windows x86 Hardware Breakpoint class for Windows >Vista☆22Updated 8 years ago
- Input-output driver☆24Updated last week
- Small class to help perform syscalls.☆21Updated last year
- ☆18Updated 5 years ago
- Demonstrate the new FileDispositionInfoEx behavior☆14Updated 7 years ago
- ☆10Updated 4 years ago
- A small library to extend the functionality of GetModuleHandle and GetProcAddress to other processes☆17Updated 5 years ago
- x64dbg scripts for finding OEP of packers☆14Updated 6 years ago
- Collection of IDA helpers☆15Updated 2 years ago
- Simple library to handle PE files loading, relocating, get/set data, ..., in addition to process handling☆32Updated 5 years ago
- A tool to show the method info at runtime☆13Updated 5 years ago
- My small extension to add anti-anti-debbuging support to dnSpy☆42Updated 6 years ago
- Remote memory library in C++17.☆31Updated 6 years ago
- A class to gather information about a process, its threads and modules.☆24Updated 4 years ago
- Given a global name in IDA Pro, find all xrefs which are contained in an exported function.☆11Updated 8 years ago
- x64 injector using LoadLibrary made in assembler (MASM)☆26Updated 6 years ago
- Analysing and defeating PatchGuard universally☆34Updated 4 years ago
- Static library and headers for linking your software with ntdll.dll☆32Updated 5 years ago
- Simple x64dbg plugin to show registers on every step.☆16Updated 5 years ago
- r0ak ("roak") is the Ring 0 Army Knife -- A Command Line Utility To Read/Write/Execute Ring Zero on for Windows 10 Systems☆26Updated 6 years ago
- A way to detect DBI frameworks, Debuggers and VMs.☆22Updated 4 years ago
- Proof of concept headless GUI DLL☆12Updated 3 years ago
- A Windows API hooking library !☆31Updated 2 years ago
- ☆14Updated 12 years ago
- Windows hidden thread suspend POC with code injection☆12Updated 7 years ago
- Undocumented way of fetching list of processes by bruteforcing NtQuerySystemInformation☆15Updated 7 years ago
- Dump mapped PE files from memory to the disk☆19Updated 5 years ago
- A specially crafted IOCTL can be issued to the rzpnk.sys driver in Razer Synapse 2.20.15.1104 that is forwarded to ZwOpenProcess allowing…☆13Updated 4 years ago
- Fake Timestamps of Driver Certificates while keeping validity.☆16Updated 3 years ago