MahmoudZohdy / Anti-Analysis-DebuggerInjectionLinks
Anti-Analysis technique, trick the debugger by Hiding events from it.
☆20Updated 3 years ago
Alternatives and similar repositories for Anti-Analysis-DebuggerInjection
Users that are interested in Anti-Analysis-DebuggerInjection are comparing it to the libraries listed below
Sorting:
- A kernel mode Windows rootkit in development.☆49Updated 3 years ago
- Some drivers I've written while solving exercises from Practical Reverse Engineering☆15Updated 3 years ago
- Walks the Process' VAD list to grab the PTE's corresponding to a usermode virtual address, all to get the physical address☆24Updated 3 years ago
- Fake Timestamps of Driver Certificates while keeping validity.☆17Updated 4 years ago
- UnknownField is a tool based clang that obfuscating the order of fields to protect your C/C++ game or code.☆45Updated 2 years ago
- neat way to detect memory read using nt layer function.☆14Updated 2 years ago
- Load Dll into Kernel space☆38Updated 3 years ago
- ☆27Updated 2 years ago
- ☆59Updated 3 years ago
- Скрытие строки от отладчиков и декомпиляторов☆51Updated 5 years ago
- Proof-of-Concept software for detecting AV/EDR hooks in Windows libraries.☆31Updated 3 years ago
- IAT-Obfuscation to make static analysis of executable harder.☆44Updated 3 years ago
- Wow64 Heaven's Gate Hook☆28Updated 4 years ago
- Hijack NotifyRoutine for a kernelmode thread☆42Updated 3 years ago
- R3劫持所有异常☆15Updated 4 years ago
- Injects position-dependent code into a code cave in an executable file, and applies relocations.☆22Updated 2 years ago
- Detect VM and Hypervisor☆10Updated 4 years ago
- x86/x64 dll injector☆31Updated 3 years ago
- Easily hook WIN32 x64 functions☆18Updated 6 months ago
- manual mapping injector☆28Updated 3 years ago
- Phantom DLL Hollowing method implemented in modmap☆18Updated 4 years ago
- Load Encrypted Dll Using LoadLibraryA, Keep The Dll Encrypted on disc all the time and decrypt it only in memory.☆22Updated 3 years ago
- Learn Winapi in this Repo with examples, to understand its abstraction in reverse engineering for Windows.☆10Updated 3 years ago
- Walks through the 4-level paging structures in Windows x64☆13Updated 2 years ago
- Protected Process Light Library☆18Updated 5 years ago
- ☆14Updated 12 years ago
- Tiny driver patch to allow kernel callbacks to work on Win10 21h1☆34Updated 3 years ago
- ☆29Updated 3 years ago
- automates exploits using ROP chains, using ntdll-scraper☆16Updated 3 years ago
- Dump mapped PE files from memory to the disk☆20Updated 6 years ago