LeiHao0 / Fake-Everything
A conjecture about how Everything works, and an implementation
☆531 Sep 18, 2023 Updated 2 years ago
Alternatives and similar repositories for Fake-Everything
Users that are interested in Fake-Everything are comparing it to the libraries listed below
- Exploring the technology behind Everything (USN and MFT) ☆339 Sep 29, 2017 Updated 8 years ago
- Extremely fast file search using the NTFS USN journal ☆152 Feb 11, 2016 Updated 10 years ago
- Example of real-time Windows ETW packet capture session ☆54 Jul 12, 2017 Updated 8 years ago
- Windows Ark tool project and some demos ☆193 Mar 6, 2016 Updated 9 years ago
- Win32 API hook detection ☆10 Oct 1, 2017 Updated 8 years ago
- FastSearch is a fast file search system. It works by reading the USN journal of the NTFS file system to quickly read all files on the disk, and finds files quickly by name. ☆47 Jan 9, 2020 Updated 6 years ago
- codes for my blog post: https://secrary.com/Random/InstrumentationCallback/ ☆183 Nov 30, 2017 Updated 8 years ago
- Windows Kernel Driver with C++ runtime ☆181 Sep 26, 2020 Updated 5 years ago
- Windows CVE active defense (HIPS/HIDS) ☆57 Apr 29, 2021 Updated 4 years ago
- PcManager ~ complete, compilable version of the open-source security guard ☆90 Jan 3, 2020 Updated 6 years ago
- Basic C++ helper class library, for example asynchronous execution (Thread), safe handles (CHandle), resource guards (Guard), XML parsing (rapidxml), and other basic registry and file operations. For more efficient and safer C++ development. Note: requires a compiler that supports at least the C++0x standard. ☆480 Dec 19, 2019 Updated 6 years ago
- WinDbg debugger extension library providing various tools to analyse, dump and fix (restore) Microsoft Portable Executable files for both… ☆84 Aug 24, 2024 Updated last year
- Hiding executable memory ☆267 Apr 27, 2025 Updated 9 months ago
- ☆15 Jun 12, 2015 Updated 10 years ago
- Windows CIFS/SMB packet generation and SMB networking library ☆12 Aug 25, 2020 Updated 5 years ago
- Hook IDT vector 0xb2 to detect SCI in 64bit windows. ☆34 Aug 27, 2022 Updated 3 years ago
- WinDBG Anti-RootKit Extension ☆645 Jul 29, 2020 Updated 5 years ago
- A simple example how to decrypt kernel debugger data block ☆31 Feb 8, 2021 Updated 5 years ago
- Injector with kernel power ☆18 Jan 2, 2021 Updated 5 years ago
- Debugger extension for the Debugging Tools for Windows (WinDbg, KD, CDB, NTSD). ☆69 Nov 14, 2016 Updated 9 years ago
- Windows file system filter drivers(minifilter) to encrypt, compress, or otherwise modify file-based data require some of the most complex… ☆129 Dec 27, 2020 Updated 5 years ago
- A kernel mode Windows rootkit in development. ☆49 Dec 31, 2021 Updated 4 years ago
- Hades HIDS/HIPS for Windows ☆307 Oct 10, 2025 Updated 4 months ago
- Use WinDBG to trace the Windows API calls of any Portable Executable file ☆32 Apr 13, 2017 Updated 8 years ago
- On Intel and AMD instructions behaving differently ☆62 Apr 15, 2022 Updated 3 years ago
- A simple operating system implemented in C++ ☆17 Jul 26, 2015 Updated 10 years ago
- ☆19 Jul 20, 2015 Updated 10 years ago
- duilib flagship edition: high-DPI screens, multi-language, style sheets, resource manager, irregular-shaped windows, window shadows, simple animations ☆1,484 Nov 20, 2025 Updated 2 months ago
- pdb's function and global vars to offset ☆10 Apr 11, 2023 Updated 2 years ago
- A Win32 logger based on DebugView & ETW. ☆16 Nov 15, 2017 Updated 8 years ago
- Using C++ STL on Windows kernel development ☆91 Feb 21, 2019 Updated 6 years ago
- https://key08.com/index.php/2021/10/19/1375.html ☆71 May 11, 2022 Updated 3 years ago
- Injects shellcode into dwm.exe to capture the screen ☆355 Mar 22, 2022 Updated 3 years ago
- The Kernel-Mode Winsock library, supporting TCP, UDP and Unix sockets (DGRAM and STREAM). ☆275 Jan 27, 2025 Updated last year
- Kernel-level ARK tool. ☆62 Aug 1, 2016 Updated 9 years ago
- SuperDllHijack: A general DLL hijack technology, don't need to manually export the same function interface of the DLL, so easy! A general DLL hijacking tech… ☆1,018 Nov 10, 2021 Updated 4 years ago
- Simple project that demonstrates how an ETW consumer can be created just by using NTDLL ☆146 Feb 23, 2019 Updated 6 years ago
- Call NtCreateUserProcess directly as normal. ☆76 May 17, 2022 Updated 3 years ago
- Rootkit & Anti-rootkit ☆42 Jan 27, 2024 Updated 2 years ago