HadesW / mhy_expLinks
Mhy Exp (exploit signed driver)
☆140Updated 3 years ago
Alternatives and similar repositories for mhy_exp
Users that are interested in mhy_exp are comparing it to the libraries listed below
Sorting:
- 研究和移除各种内核回调,在anti anti cheat的路上越走越远☆176Updated 2 years ago
- 无痕注入1☆76Updated 4 years ago
- 隐藏可执行内存☆252Updated last month
- shellcode 生成框架☆264Updated 3 years ago
- 利用物理内存映射,实现虚拟内存的伪隐藏☆83Updated 2 years ago
- 内核级别隐藏指定窗口☆311Updated 3 years ago
- 驱动加载器 -> 利用iqvw64e.sys映射驱动☆55Updated 4 years ago
- 一些使用过期或者注销证书的技术☆261Updated 6 years ago
- Quick check of NT kernel exported&unexported functions/global variable offset NT内核导出以及未导出函数+全局变量偏移速查☆94Updated 2 years ago
- 大数字驱动逆向代码☆71Updated last year
- 一款64位Exe程序动态追踪执行流程以及保存信息的工具☆46Updated 6 months ago
- 利用CE的DBK驱动加载未签名驱动☆36Updated last year
- 可在非测试模式下符号化读取内核内存。Kernel memory can be read symbolically in non test mode。☆108Updated 2 years ago
- 句柄提权 无视反作弊读写游戏内存 用于分析游戏结构工具☆145Updated 3 years ago
- 非编译时代码混淆,包括代码块拆分、代码乱序、常量加密、代码变异、抹除jcc、局部混淆等,主要提供框架以及思路☆31Updated 2 years ago
- 过去写的一些Windows安全研究相关代码☆135Updated 6 years ago
- 将shellcode注入dwm.exe以进行屏幕截取☆322Updated 3 years ago
- https://key08.com/index.php/2021/10/19/1375.html☆67Updated 3 years ago
- 使用 Intel 虚拟化特性实现应用层HOOK☆61Updated 3 months ago
- 一个用来做windows内核hook的框架☆152Updated last month
- use python script to fix vmp dump api in ida☆118Updated 4 years ago
- 让Etwhook再次伟大! Make InfinityHook Great Again!☆136Updated 3 years ago
- 复现《EDR的梦魇:Storm-0978使用新型内核注入技术“Step Bear”》☆133Updated 7 months ago
- 简单安排一下 autochk.sys 这个rootkit☆71Updated 2 years ago
- 不使用3环挂钩进行DWM桌面绘制☆80Updated 3 years ago
- Win7内核私有符号结构转储☆67Updated 3 years ago
- Forked LLVM focused on MSVC Compatibility. This version is designed for windows users☆100Updated 2 months ago
- ☆202Updated 2 years ago
- InfinityHook 支持Win7 到 Win11 最新版本,虚拟机环境及物理机环境☆72Updated 8 months ago
- Example of reading process memory through kernel special APC☆106Updated 2 years ago