HadesW / mhy_exp
Mhy Exp (exploit signed driver)
☆137Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for mhy_exp
- 研究和移除各种内核回调,在anti anti cheat的路上越走越远☆167Updated 2 years ago
- shellcode 生成框架☆240Updated 2 years ago
- 无痕注入1☆69Updated 3 years ago
- 隐藏可执行内存☆245Updated 9 months ago
- 一些使用过期或者注销证书的技术☆191Updated 5 years ago
- 一个用来做windows内核hook的框架☆81Updated 7 months ago
- 内核级别隐藏指定窗口☆297Updated 2 years ago
- 大数字驱动逆向代码☆65Updated last year
- 利用物理内存映射,实现虚拟内存的伪隐藏☆73Updated 2 years ago
- Quick check of NT kernel exported&unexported functions/global variable offset NT内核导出以及未导出函数+全局变量偏移速查☆91Updated last year
- 整合Pluto-Obfuscator和goron部分混淆,移植到LLVM-16.0.x,使用NewPassManager☆113Updated last year
- ☆80Updated 2 months ago
- 自建时间戳服务器实现伪签名驱动证书 Implementing Pseudo Signature with Self-Sign Timestamp Servers☆197Updated this week
- Heaven's Gate implementation in C for constructing x64 Win32 API call in x86 WoW64 processes.☆67Updated 3 years ago
- 简单安排一下 autochk.sys 这个rootkit☆67Updated last year
- ☆77Updated 3 years ago
- 通杀检测基于白文件patch黑代码的免杀技术的后门☆101Updated 3 months ago
- 将shellcode注入dwm.exe以进行屏幕截取☆299Updated 2 years ago
- 句柄提权 无视反作弊读写游戏内存 用于分析游戏结构工具☆134Updated 3 years ago
- Using NtCreateFile and NtDeviceIoControlFile to realize the function of winsock(利用NtCreateFile和NtDeviceIoControlFile 实现winsock的功能)☆99Updated 2 years ago
- 可在非测试模式下符号化读取内核内存。Kernel memory can be read symbolically in non test mode。☆104Updated 2 years ago
- 过去写的一些Windows安全研究相关代码☆134Updated 5 years ago
- ☆93Updated 2 years ago
- IDA高级技巧 API符号自动识别库 IDASignMaker☆124Updated 3 years ago
- Win7内核私有符号结构转储☆64Updated 3 years ago
- InfinityHook 支持Win7 到 Win11 最新版本,虚拟机环境及物理机环境☆34Updated last month
- 非编译时代码混淆,包括代码块拆分、代码乱序、常量加密、代码变异、抹除jcc、局部混淆等,主要提供框架以及思路☆29Updated last year
- out-of-tree llvm obfuscation pass plugin (dynamically loadable by rustc). || rust toolchain with obfuscation llvm pass.☆81Updated 4 months ago
- ☆184Updated last year