HadesW/mhy_exp external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

HadesW/mhy_exp

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/HadesW/mhy_exp)

Close

HadesW / mhy_expView on GitHubMore

• External links
• Readme badge

Mhy Exp (exploit signed driver)

☆141May 17, 2022Updated 3 years ago

Alternatives and similar repositories for mhy_exp

Users that are interested in mhy_exp are comparing it to the libraries listed below

• BeneficialCode / KPPL

  View on GitHub
  Kill Protected Process Light Process (include av)
  ☆57Sep 15, 2023Updated 2 years ago
• xiaoxiaozhu5 / shadow_tls

  View on GitHub
  shadow tls
  ☆17Nov 13, 2022Updated 3 years ago
• huoji120 / Etw-Syscall

  View on GitHub
  https://key08.com/index.php/2021/10/19/1375.html
  ☆71May 11, 2022Updated 3 years ago
• bb107 / RtlWow64

  View on GitHub
  c++ implementation of windows heavens gate
  ☆71Feb 12, 2021Updated 5 years ago
• A-Normal-User / Pretend_HideVirtualMemory

  View on GitHub
  利用物理内存映射，实现虚拟内存的伪隐藏
  ☆86Sep 15, 2022Updated 3 years ago
• D0pam1ne705 / Direct-NtCreateUserProcess

  View on GitHub
  Call NtCreateUserProcess directly as normal.
  ☆77May 17, 2022Updated 3 years ago
• iammaguire / Salient-Rootkit

  View on GitHub
  A kernel mode Windows rootkit in development.
  ☆49Dec 31, 2021Updated 4 years ago
• FiYHer / driver_callback_bypass_1909

  View on GitHub
  研究和移除各种内核回调,在anti anti cheat的路上越走越远
  ☆182Aug 26, 2022Updated 3 years ago
• y11en / PEBFake

  View on GitHub
  PEBFake(修改PEB 伪装当前进程路径、参数等)
  ☆54Jan 19, 2021Updated 5 years ago
• qq1045551070 / VtToMe

  View on GitHub
  之前学习X64VT写的代码，很多坑，但是大体的逻辑还是完整的。现发出来给更多想学VT的人参考...
  ☆72Apr 26, 2021Updated 4 years ago
• timwhitez / Doge-Whisper

  View on GitHub
  golang implementation of Syswhisper2/Syswhisper3
  ☆23Mar 23, 2022Updated 3 years ago
• Sinclairq / hierarchy-eac

  View on GitHub
  Bypassing EasyAntiCheat.sys self-integrity by abusing call hierarchy
  ☆83Oct 6, 2022Updated 3 years ago
• FiYHer / InfinityHookPro

  View on GitHub
  InfinityHookPro Win7 -> Win11 latest
  ☆553Feb 7, 2023Updated 3 years ago
• alfarom256 / UserVAtoPhysical

  View on GitHub
  Walks the Process' VAD list to grab the PTE's corresponding to a usermode virtual address, all to get the physical address
  ☆23Nov 22, 2021Updated 4 years ago
• HadesW / dwm-overlay

  View on GitHub
  Top level overlay drawing for game cheating using dwm.exe
  ☆48Oct 26, 2021Updated 4 years ago
• fIappy / infhook19041

  View on GitHub
  ☆125May 23, 2020Updated 5 years ago
• sum-catnip / kptnhook

  View on GitHub
  windows kernelmode driver to inject dll into each and every process and perform systemwide function hooking
  ☆53Aug 28, 2022Updated 3 years ago
• NoOne-hub / Beacon.dll

  View on GitHub
  Beacon.dll reverse
  ☆141Sep 5, 2021Updated 4 years ago
• 0xfei / wincode

  View on GitHub
  过去写的一些Windows安全研究相关代码
  ☆135Feb 2, 2019Updated 7 years ago
• hackerhouse-opensource / envschtasksuacbypass

  View on GitHub
  Bypass UAC elevation on Windows 8 (build 9600) & above.
  ☆58Feb 2, 2026Updated last month
• huoji120 / cpu_duck

  View on GitHub
  关于intel和amd指令行为不一样这件事
  ☆62Apr 15, 2022Updated 3 years ago
• KiFilterFiberContext / warbird-hook

  View on GitHub
  Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard
  ☆271Aug 31, 2022Updated 3 years ago
• KelvinMsft / ThreadSpy

  View on GitHub
  ☆163Oct 29, 2020Updated 5 years ago
• aaaddress1 / wow64Jit

  View on GitHub
  Call 32bit NtDLL API directly from WoW64 Layer
  ☆62Nov 18, 2020Updated 5 years ago
• Rvn0xsy / SchtaskCreator

  View on GitHub
  远程创建任务计划工具
  ☆190Apr 23, 2022Updated 3 years ago
• qq1045551070 / IoInject

  View on GitHub
  无痕注入1
  ☆77Jun 1, 2021Updated 4 years ago
• zouxianyu / BlindEye

  View on GitHub
  BattlEye kernel module bypass
  ☆177Oct 1, 2022Updated 3 years ago
• Eva1216 / MagicWall

  View on GitHub
  ☆48Nov 7, 2018Updated 7 years ago
• gmh5225 / Detection-CheatEngine

  View on GitHub
  Using ReadDirectoryChangesW to detect CheatEngine
  ☆51Jun 7, 2022Updated 3 years ago
• threatexpert / atrk-win

  View on GitHub
  针对windows rootkit的一些检测，分别从进程、端口、文件这三个方面进行检测。
  ☆21Jan 16, 2025Updated last year
• Rhydon1337 / windows-kernel-file-delete

  View on GitHub
  Force a file delete using a windows kernel driver
  ☆73Jul 29, 2022Updated 3 years ago
• anzelesnik / SyscallHook

  View on GitHub
  System call hook for Windows 10 20H1
  ☆496Jun 26, 2021Updated 4 years ago
• FaEryICE / MemScanner

  View on GitHub
  Analyze Windows x64 Kernel Memory Layout
  ☆130Nov 19, 2020Updated 5 years ago
• TimelifeCzy / kHypervisorBasic

  View on GitHub
  VT Hook
  ☆51Jul 2, 2024Updated last year
• Air14 / KDBGDecryptor

  View on GitHub
  A simple example how to decrypt kernel debugger data block
  ☆32Feb 8, 2021Updated 5 years ago
• smallzhong / hide_execute_memory

  View on GitHub
  隐藏可执行内存
  ☆267Apr 27, 2025Updated 10 months ago
• dsnezhkov / HandsFreeCOM

  View on GitHub
  Self-Loading Registration Free COM Functions
  ☆11Nov 12, 2019Updated 6 years ago
• VMProtectResearch / vmp2-devirtualization

  View on GitHub
  vmp2.x devirtualization
  ☆90Nov 3, 2024Updated last year
• zeze-zeze / HITCON-2023-Demo-CVE-2023-20562

  View on GitHub
  ☆61Aug 21, 2023Updated 2 years ago