The most powerful and customizable binary pattern scanner
☆248Nov 13, 2021Updated 4 years ago
Alternatives and similar repositories for Sig
Users that are interested in Sig are comparing it to the libraries listed below
Sorting:
- A bunch of parsers for PE and PDB formats in C++☆267May 15, 2024Updated last year
- The Win32 Anti-Intrusion Library☆213May 30, 2019Updated 6 years ago
- A bunch of architectural headers for i386 and AMD64☆42Oct 7, 2023Updated 2 years ago
- The functions interception library written on pure C and NativeAPI with UserMode and KernelMode support☆763Apr 24, 2025Updated 10 months ago
- Detect removed thread from PspCidTable.☆75Mar 18, 2022Updated 3 years ago
- Hex-Rays microcode plugin for automated simplification of Windows Kernel decompilation.☆657Jan 28, 2025Updated last year
- The program draws with win32k gdi functions in the kernel while NtGdiDdDDISubmitCommand is being hooked.☆345Apr 27, 2020Updated 5 years ago
- 可在非测试模式下符号化读取内核内存。Kernel memory can be read symbolically in non test mode。☆109Sep 1, 2022Updated 3 years ago
- Windows kernel hacking framework, driver template, hypervisor and API written on C++☆1,802Nov 12, 2023Updated 2 years ago
- C++17 PE manualmapper☆436Oct 2, 2021Updated 4 years ago
- Analyze patches in a process☆259Jul 28, 2021Updated 4 years ago
- 从MmPfnData中枚举进程和页目录基址☆207Aug 18, 2023Updated 2 years ago
- C++ STL in the Windows Kernel with C++ Exception Support☆435Aug 16, 2023Updated 2 years ago
- IDA Pro plugin to make bitfield accesses easier to grep☆255Aug 3, 2025Updated 7 months ago
- query-pdb is a server-side software for parsing PDB files. The software provides PDB online parsing service.☆168Oct 27, 2025Updated 4 months ago
- 09/2021 reversal of EasyAntiCheat driver☆235Dec 21, 2021Updated 4 years ago
- Archive R/W into any protected process by changing the value of KTHREAD->PreviousMode☆163Jul 31, 2022Updated 3 years ago
- Windows inline hooking tool.☆298Oct 7, 2018Updated 7 years ago
- Hygieia, a vulnerable driver traces scanner written in C++ as an x64 Windows kernel driver.☆151Feb 12, 2022Updated 4 years ago
- BattlEye shellcodes tester☆151Jan 3, 2022Updated 4 years ago
- Code for Battleyes shellcode☆239Nov 11, 2021Updated 4 years ago
- https://key08.com/index.php/2021/10/19/1375.html☆71May 11, 2022Updated 3 years ago
- 利用物理内存映射,实现虚拟内存的伪隐藏☆86Sep 15, 2022Updated 3 years ago
- pdbex is a utility for reconstructing structures and unions from the PDB into compilable C headers☆895Jun 18, 2025Updated 8 months ago
- Access without a real handle☆1,037Apr 10, 2021Updated 4 years ago
- C++20, x86/x64 Hooking Libary v2.0☆1,822Nov 16, 2025Updated 3 months ago
- Hiding the window from screenshots using the function win32kfull::GreProtectSpriteContent☆630Dec 26, 2024Updated last year
- Feature-rich C99 library for memory scanning purposes, designed for Windows running machines, meant to work on both 32-bit and 64-bit por…☆31Feb 7, 2026Updated 3 weeks ago
- Detect-KeAttachProcess by iterating through all processes as well as checking the context of the thread.☆121Feb 8, 2022Updated 4 years ago
- Kernel DLL Injector using NX Bit Swapping and VAD hide for hiding injected DLL☆219Nov 12, 2020Updated 5 years ago
- The Universal C++ RunTime library, supporting kernel-mode C++ exception-handler and STL.☆407Jul 12, 2024Updated last year
- usermode driver mapper that forcefully loads any signed kernel driver (legit cert) with a big enough section (example: .data, .rdata) to …☆473Jan 3, 2022Updated 4 years ago
- Example of reading process memory through kernel special APC☆111Apr 21, 2023Updated 2 years ago
- Manual mapper that uses PTE manipulation, Virtual Address Descriptor (VAD) manipulation, and forceful memory allocation to hide executabl…☆385Jan 29, 2022Updated 4 years ago
- ☆40Mar 23, 2023Updated 2 years ago
- 🪝 Various EPT hook detection approaches☆143Feb 22, 2026Updated last week
- InfinityHookPro Win7 -> Win11 latest☆551Feb 7, 2023Updated 3 years ago
- Inline syscalls made easy for windows on clang☆736Jun 21, 2024Updated last year
- Using NtCreateFile and NtDeviceIoControlFile to realize the function of winsock(利用NtCreateFile和NtDeviceIoControlFile 实现winsock的功能)☆128Sep 9, 2022Updated 3 years ago