MalwareTech / FstHookLinks
A library for intercepting native functions by hooking KiFastSystemCall
☆73Updated 5 years ago
Alternatives and similar repositories for FstHook
Users that are interested in FstHook are comparing it to the libraries listed below
Sorting:
- Windbg extension to find PatchGuard pages☆121Updated 10 years ago
- Elevation of privilege detector based on HyperPlatform☆122Updated 8 years ago
- ☆116Updated 12 years ago
- Loading unsigned code into kernel in Windows 10 (64) with help of VMware Workstation Pro/Player design flaw☆138Updated 8 years ago
- kernel exploitation helper class☆77Updated 8 years ago
- Collection Of Anti-Debugging Tricks☆99Updated 9 years ago
- Hypervisor based tool for monitoring system register accesses.☆146Updated 6 years ago
- qb-sync is an open source tool to add some helpful glue between IDA Pro and Windbg. Its core feature is to dynamically synchronize IDA's …☆120Updated 9 years ago
- IDA Plugin which decodes Windows Device I/O control code into DeviceType, FunctionCode, AccessType and MethodType.☆111Updated last year
- TDL4 style rootkit to spoof read/write requests to master boot record☆131Updated 7 years ago
- IntelVT-X nice feature -> tool☆94Updated 10 years ago
- Bootkits Revisited☆40Updated 11 years ago
- Load a Windows Kernel Driver☆92Updated 8 years ago
- Identifying Virtual Table Functions using VTBL IDA Pro Plugin + Deviare Hooking Engine☆95Updated 12 years ago
- KINS Banking Trojan☆61Updated 10 years ago
- Rovnix Bootkit☆119Updated 10 years ago
- A C polymorphic and metamorphic engine☆70Updated 6 years ago
- *DEPRECATED* Advanced skinning plugin for IDA Pro, ported to x64dbg☆32Updated 8 years ago
- Local Kernel Debugger (LKD) is a python wrapper around dbgengine.dll☆92Updated 8 years ago
- Helper script for Windows kernel debugging with IDA Pro on VMware + GDB stub☆79Updated 12 years ago
- Adding exceptions to Microsoft's Control Flow Guard (CFG)☆58Updated 9 years ago
- Hidden kernel mode code execution for bypassing modern anti-rootkits.☆83Updated 14 years ago
- ☆80Updated 7 years ago
- Open and generic Anti-Anti Reversing Framework. Works in 32 and 64 bits.☆64Updated 12 years ago
- Blackhat 2012 Sample Codes☆93Updated 8 years ago
- A tool to help malware analysts tell that the sample is injecting code into other process.☆78Updated 9 years ago
- Kernel Address Space Layout Randomization (KASLR) Recovery Software☆98Updated 8 years ago
- ViDi Visual Disassembler (experimental)☆76Updated 2 years ago
- [ARCHIVED] mov rax, ${Thalium/IceBox}; jmp rax;☆74Updated 6 years ago
- Anti-Anti-VM solution via Windows Driver☆58Updated 7 years ago