HadesW / mhy_exp
Mhy Exp (exploit signed driver)
☆141 · May 17, 2022 · Updated 3 years ago
Alternatives and similar repositories for mhy_exp
Users that are interested in mhy_exp are comparing it to the libraries listed below
- shadow tls ☆17 · Nov 13, 2022 · Updated 3 years ago
- c++ implementation of windows heavens gate ☆70 · Feb 12, 2021 · Updated 5 years ago
- https://key08.com/index.php/2021/10/19/1375.html ☆71 · May 11, 2022 · Updated 3 years ago
- Call NtCreateUserProcess directly as normal. ☆76 · May 17, 2022 · Updated 3 years ago
- Kill Protected Process Light Process (include av) ☆58 · Sep 15, 2023 · Updated 2 years ago
- Pseudo-hiding of virtual memory by using physical memory mapping ☆86 · Sep 15, 2022 · Updated 3 years ago
- Bypassing EasyAntiCheat.sys self-integrity by abusing call hierarchy ☆83 · Oct 6, 2022 · Updated 3 years ago
- Researching and removing various kernel callbacks, going further and further down the anti anti cheat road ☆183 · Aug 26, 2022 · Updated 3 years ago
- A kernel mode Windows rootkit in development. ☆49 · Dec 31, 2021 · Updated 4 years ago
- Walks the Process' VAD list to grab the PTE's corresponding to a usermode virtual address, all to get the physical address ☆23 · Nov 22, 2021 · Updated 4 years ago
- Code written earlier while learning X64 VT; it has many pitfalls, but the overall logic is still complete. Published now as a reference for more people who want to learn VT... ☆71 · Apr 26, 2021 · Updated 4 years ago
- Some Windows security research code written in the past ☆135 · Feb 2, 2019 · Updated 7 years ago
- ☆163 · Oct 29, 2020 · Updated 5 years ago
- windows kernelmode driver to inject dll into each and every process and perform systemwide function hooking ☆53 · Aug 28, 2022 · Updated 3 years ago
- ☆127 · May 23, 2020 · Updated 5 years ago
- InfinityHookPro Win7 -> Win11 latest ☆551 · Feb 7, 2023 · Updated 3 years ago
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard ☆265 · Aug 31, 2022 · Updated 3 years ago
- Call 32bit NtDLL API directly from WoW64 Layer ☆62 · Nov 18, 2020 · Updated 5 years ago
- VEH Redirect & VEH Debugger ☆23 · May 18, 2020 · Updated 5 years ago
- Bypass UAC elevation on Windows 8 (build 9600) & above. ☆57 · Feb 2, 2026 · Updated last week
- PoC capable of detecting manual syscalls from usermode. ☆206 · Nov 13, 2025 · Updated 3 months ago
- Beacon.dll reverse ☆141 · Sep 5, 2021 · Updated 4 years ago
- On the fact that Intel and AMD instructions behave differently ☆62 · Apr 15, 2022 · Updated 3 years ago
- BattlEye kernel module bypass ☆178 · Oct 1, 2022 · Updated 3 years ago
- golang implementation of Syswhisper2/Syswhisper3 ☆23 · Mar 23, 2022 · Updated 3 years ago
- Code Integrity Violation Spotter ☆17 · Jun 11, 2024 · Updated last year
- Hide executable memory ☆267 · Apr 27, 2025 · Updated 9 months ago
- VT Hook ☆50 · Jul 2, 2024 · Updated last year
- Illustrates the concept of return address spoofing, and how it is used. ☆14 · May 13, 2020 · Updated 5 years ago
- PEBFake (modifies the PEB to disguise the current process path, arguments, etc.) ☆53 · Jan 19, 2021 · Updated 5 years ago
- Force a file delete using a windows kernel driver ☆72 · Jul 29, 2022 · Updated 3 years ago
- Analyze Windows x64 Kernel Memory Layout ☆129 · Nov 19, 2020 · Updated 5 years ago
- Tool for remotely creating scheduled tasks ☆190 · Apr 23, 2022 · Updated 3 years ago
- A way to delete a locked file, or current running executable, on disk. ☆616 · Nov 5, 2025 · Updated 3 months ago
- Top level overlay drawing for game cheating using dwm.exe ☆47 · Oct 26, 2021 · Updated 4 years ago
- Load your driver like win32k.sys ☆258 · Aug 20, 2022 · Updated 3 years ago
- A x64 Windows Rootkit using SSDT or Hypervisor hook ☆564 · Jan 4, 2025 · Updated last year
- Obfuscator based on LLVM 14.0.6 ☆891 · Nov 21, 2024 · Updated last year
- Kernel Security driver used to block past, current and future process injection techniques on Windows Operating System. ☆154 · Sep 11, 2022 · Updated 3 years ago