HadesW / mhy_exp
Mhy Exp (exploit signed driver)
☆140Updated 2 years ago
Alternatives and similar repositories for mhy_exp:
Users that are interested in mhy_exp are comparing it to the libraries listed below
- 研究和移除各种内核回调,在anti anti cheat的路上越走越远☆173Updated 2 years ago
- shellcode 生成框架☆262Updated 3 years ago
- 隐藏可执行内存☆248Updated last year
- 无痕注入1☆73Updated 3 years ago
- 一个用来做windows内核hook的框架☆86Updated this week
- 大数字驱动逆向代码☆71Updated last year
- 一些使用过期或者注销证书的技术☆233Updated 5 years ago
- 利用物理内存映射,实现虚拟内存的伪隐藏☆83Updated 2 years ago
- 内核级别隐藏指定窗口☆305Updated 3 years ago
- Quick check of NT kernel exported&unexported functions/global variable offset NT内核导出以及未导出函数+全局变量偏移速查☆93Updated 2 years ago
- 一款64位Exe程序动态追踪执行流程以及保存信息的工具☆46Updated 5 months ago
- ☆197Updated 2 years ago
- 驱动加载器 -> 利用iqvw64e.sys映射驱动☆55Updated 4 years ago
- 句柄提权 无视反作弊读写游戏内存 用于分析游戏结构工具☆142Updated 3 years ago
- 可在非测试模式下符号化读取内核内存。Kernel memory can be read symbolically in non test mode。☆106Updated 2 years ago
- ☆97Updated 3 years ago
- 过去写的一些Windows安全研究相关代码☆135Updated 6 years ago
- 将shellcode注入dwm.exe以进行屏幕 截取☆318Updated 3 years ago
- InfinityHook 支持Win7 到 Win11 最新版本,虚拟机环境及物理机环境☆56Updated 6 months ago
- 让Etwhook再次伟大! Make InfinityHook Great Again!☆134Updated 3 years ago
- Radical Windows ARK☆232Updated last week
- 整合Pluto-Obfuscator和goron部分混淆,移植到LLVM-16.0.x,使用NewPassManager☆122Updated last year
- 利用CE的DBK驱动加载未签名驱动☆35Updated last year
- ☆179Updated last year
- use python script to fix vmp dump api in ida☆117Updated 4 years ago
- ☆110Updated 5 years ago
- 轻量级自动分析病毒程序调用上下文、游戏反调试实现技术平台☆99Updated 4 years ago
- ida提取特征码脚本☆55Updated 5 years ago
- 之前学习X64VT写的代码,很多坑,但是大体的逻辑还是完整的。现发出来给更多想学VT的人参考...☆68Updated 4 years ago
- sc4cpp is a shellcode framework based on C++☆88Updated 3 years ago