PELock / CMemPatch
A simple C++ class to load a process and read/write its memory. It comes with an example of how to decrypt the data archives of the once-popular demoscene e-zine HUGI.
☆18 Updated 10 years ago
Alternatives and similar repositories for CMemPatch:
Users who are interested in CMemPatch are comparing it to the libraries listed below:
- A small utility to run raw code chunks in the executable memory area. ☆14 Updated 10 years ago
- A Portable Executable (PE) Format poster in A1 59,4 x 84,1 cm format, including almost all of the structures from PE/PE32+ format (with c… ☆19 Updated last year
- IDA Pro Instruction Reference Plugin ☆14 Updated 5 years ago
- The project is a demo solution for one of the anti-rootkit techniques aimed at overcoming splicers ☆34 Updated 7 years ago
- Windows hidden thread suspend POC with code injection ☆12 Updated 7 years ago
- Debugger checks in 3 ways ☆18 Updated 7 years ago
- Proof of concept headless GUI DLL ☆12 Updated 3 years ago
- DLL and API hooking example to hide running in a Terminal Session ☆17 Updated 4 years ago
- DLL Injection commandline utility ☆26 Updated 11 years ago
- Simple tool for unpacking packed/protected malware executables. ☆32 Updated 13 years ago
- Change 4 bytes at the end of file to get desired CRC32 ☆9 Updated 7 years ago
- Windows x86 Hardware Breakpoint class for Windows >Vista ☆22 Updated 8 years ago
- Demonstrate the new FileDispositionInfoEx behavior ☆14 Updated 7 years ago
- Taking advantage of CRT initialization, to get away with hooking protected applications ☆46 Updated 2 years ago
- Wow64 syscall hook ☆40 Updated 7 years ago
- Scanning and identifying XOR encrypted PE files in PE resources ☆27 Updated 10 years ago
- Plugins for Scylla ☆19 Updated 13 years ago
- Simple error lookup for Win32 and NTSTATUS errors ☆17 Updated 6 years ago
- Formerly KMon, a Windows Kernel Driver designed to prevent malware attacks by monitoring the creation of registry keys in common autorun l… ☆21 Updated 11 years ago
- ASProtect reverse engineering & analysis WinDbg extension ☆21 Updated 4 years ago
- This is a demo project to illustrate the way to verify and restore original SST in case of some malware hooks ☆33 Updated 8 years ago
- Full reversing of the Microsoft Auxiliary Windows API Library and ported to C ☆23 Updated 2 months ago
- Given a global name in IDA Pro, find all xrefs which are contained in an exported function. ☆11 Updated 8 years ago
- x64dbg scripts for finding OEP of packers ☆14 Updated 6 years ago
- A WDM Windows driver to issue IO to storage devices with asynchronous multithreaded processing ☆21 Updated 8 years ago
- User-mode process cross-checking utility intended to detect naive malware hiding itself by hooking IAT/EAT. ☆19 Updated 9 years ago
- A class to gather information about a process, its threads and modules. ☆24 Updated 4 years ago