first commit
☆64Oct 29, 2020Updated 5 years ago
Alternatives and similar repositories for PerfMon
Users that are interested in PerfMon are comparing it to the libraries listed below
- VT-based PCI device monitor (SPI)☆158Oct 29, 2020Updated 5 years ago
- ☆99Oct 6, 2017Updated 8 years ago
- Microsoft (巨硬, a slang nickname)☆17Oct 4, 2023Updated 2 years ago
- ☆39Oct 29, 2020Updated 5 years ago
- Cleans up kernel driver load/unload traces, in an effort to bypass anti-cheat: PiDDBCacheTable and MmLastUnloadedDriver☆189Feb 11, 2023Updated 3 years ago
- Code Integrity Violation Spotter☆17Jun 11, 2024Updated last year
- ☆223Mar 11, 2023Updated 2 years ago
- Hide code/data in the kernel address space.☆188May 8, 2021Updated 4 years ago
- Kernel memory can be read symbolically in non-test mode.☆109Sep 1, 2022Updated 3 years ago
- ☆47Feb 3, 2025Updated last year
- win10 pgContext dynamic dump (btc version)☆110Jan 15, 2020Updated 6 years ago
- Analysing and defeating PatchGuard universally☆36Nov 4, 2020Updated 5 years ago
- A tool for monitoring the kernel API calls made by Windows drivers☆128Jul 5, 2024Updated last year
- Detects if a Kernel mode debugger is active by reading the value of KUSER_SHARED_DATA.KdDebuggerEnabled. It is a high level and portable …☆23Sep 18, 2017Updated 8 years ago
- query-pdb is a server-side software for parsing PDB files. The software provides PDB online parsing service.☆168Oct 27, 2025Updated 4 months ago
- kHypervisor is a lightweight bluepill-like nested VMM for Windows; it provides and emulates basic functions of Intel VT-x☆443Nov 29, 2021Updated 4 years ago
- Dump of Win7 kernel private symbol structures☆70Sep 3, 2021Updated 4 years ago
- Some crazy PE executables protection kernel driver☆20May 2, 2020Updated 5 years ago
- detect hypervisor with Nmi Callback☆42Sep 25, 2022Updated 3 years ago
- Pseudo-hiding of virtual memory by means of physical memory mapping☆86Sep 15, 2022Updated 3 years ago
- Hook NtDeviceIoControlFile with PatchGuard☆107May 10, 2022Updated 3 years ago
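- This article shares development notes on an experimental project: a WinDbg debug engine that runs on UEFI, implemented over a COM named pipe or the Windows Hyper-V virtual machine VMBus channel☆44Jun 16, 2024Updated last year
- Enumerate processes and page directory base addresses from MmPfnData☆207Aug 18, 2023Updated 2 years ago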
- ☆27Jan 4, 2024Updated 2 years ago
- Demo to show how to write an ALPC client and server using native Ntdll.dll syscalls.☆21Jan 25, 2022Updated 4 years ago
- This is the first software system, which can detect a stealthy hypervisor and calculate several nested ones even under countermeasures.☆87Jun 16, 2015Updated 10 years ago
- Some garbage drivers written for getting started☆65Dec 31, 2019Updated 6 years ago
- by others☆40Jan 28, 2018Updated 8 years ago
- Easy Anti PatchGuard☆223Apr 9, 2021Updated 4 years ago
- Static user/kernel mode library that allows access to all functions and global variables by extracting offsets from the PDB☆118May 29, 2025Updated 9 months ago
- ☆125May 23, 2020Updated 5 years ago
- Retrieve pointers to undocumented kernel functions and offsets to members within undocumented structures to use in your driver by using t…☆65Jun 19, 2019Updated 6 years ago
- A research project about Windows notify routines.☆38Jul 31, 2020Updated 5 years ago
- Basic utilities for executing, reading and writing 64-bit data in a 32-bit WoW64 process☆19Jul 8, 2022Updated 3 years ago
- The driver STL library used by myself☆13Oct 19, 2022Updated 3 years ago
- Collect different versions of Crucial modules.☆145Jul 11, 2024Updated last year
- Open Course for diving security internal☆52Nov 11, 2019Updated 6 years ago
- noob hooking dwm for overlay☆84Nov 24, 2020Updated 5 years ago
- ☆163Oct 29, 2020Updated 5 years ago