MalwareTech / FstHook
A library for intercepting native functions by hooking KiFastSystemCall
☆71Updated 4 years ago
Related projects: ⓘ
- Windbg extension to find PatchGuard pages☆116Updated 10 years ago
- Elevation of privilege detector based on HyperPlatform☆118Updated 7 years ago
- Collection Of Anti-Debugging Tricks☆96Updated 8 years ago
- TDL4 style rootkit to spoof read/write requests to master boot record☆126Updated 6 years ago
- Hypervisor based tool for monitoring system register accesses.☆140Updated 6 years ago
- IDA Plugin which decodes Windows Device I/O control code into DeviceType, FunctionCode, AccessType and MethodType.☆106Updated 9 months ago
- ☆112Updated 11 years ago
- Loading unsigned code into kernel in Windows 10 (64) with help of VMware Workstation Pro/Player design flaw☆135Updated 7 years ago
- qb-sync is an open source tool to add some helpful glue between IDA Pro and Windbg. Its core feature is to dynamically synchronize IDA's …☆115Updated 9 years ago
- Load a Windows Kernel Driver☆89Updated 7 years ago
- A process overwriting its own PEB to make an illusion that it has been loaded from a different path.☆91Updated 3 years ago
- kernel exploitation helper class☆75Updated 7 years ago
- Local Kernel Debugger (LKD) is a python wrapper around dbgengine.dll☆91Updated 8 years ago
- Security Research and Development Framework☆103Updated 8 years ago
- Helper script for Windows kernel debugging with IDA Pro on VMware + GDB stub☆76Updated 12 years ago
- IntelVT-X nice feature -> tool☆92Updated 10 years ago
- Intercept arbitrary functions at run-time, without knowing their typedefs☆86Updated 7 years ago
- Simple proof of concept code for injecting libraries on 64bit processes from a 32bit process☆91Updated 5 years ago
- Blackhat 2012 Sample Codes☆91Updated 8 years ago
- KINS Banking Trojan☆61Updated 9 years ago
- Hidden kernel mode code execution for bypassing modern anti-rootkits.☆80Updated 13 years ago
- This is a plugin for OllyDbg 1.10 to replace the old disasm engine by Capstone disassembly/disassembler framework.☆80Updated 9 years ago
- Identifying Virtual Table Functions using VTBL IDA Pro Plugin + Deviare Hooking Engine☆90Updated 11 years ago
- Adding exceptions to Microsoft's Control Flow Guard (CFG)☆58Updated 8 years ago
- libemu shim layer and win32 environment for Unicorn Engine☆71Updated 7 years ago
- ☆89Updated this week
- Rovnix Bootkit☆120Updated 9 years ago
- A C polymorphic and metamorphic engine☆65Updated 5 years ago
- Library that allows you to run 64bit code on a Wow64 32bit process☆138Updated 7 years ago