Vicshann / PEProtectDrvLinks
Some crazy PE executables protection kernel driver
☆19Updated 5 years ago
Alternatives and similar repositories for PEProtectDrv
Users that are interested in PEProtectDrv are comparing it to the libraries listed below
Sorting:
- win32/x64 obfuscate framework☆32Updated 6 years ago
- R3劫持所有异常☆15Updated 4 years ago
- Remote memory library in C++17.☆31Updated 7 years ago
- Undocumented NsiAllocateAndGetTable usage in GetTcpTableInternal reverse engineered on Win7 X64☆20Updated 7 years ago
- Ready-to-use headers for Windows Kernel SSDT indices☆11Updated 5 years ago
- Walks the Process' VAD list to grab the PTE's corresponding to a usermode virtual address, all to get the physical address☆24Updated 3 years ago
- (shard of furikuri project) assambler for code obfuscation☆18Updated 5 years ago
- Protected Process Light Library☆18Updated 5 years ago
- x64 assembler library☆31Updated last year
- Driver Loader/BE Bypass/Win Malware(lol)☆34Updated 6 years ago
- ☆36Updated 4 years ago
- Interprocess communication library, providing the ability to call functions from each other☆20Updated 5 years ago
- Translates WinDbg "dt" structure dump to a C structure☆13Updated 5 years ago
- ☆14Updated 7 years ago
- Analysing and defeating PatchGuard universally☆35Updated 4 years ago
- Windows Console Monitor☆34Updated 6 years ago
- A C++ syscall ID extractor for Windows. Developed, debugged and tested on 20H2.☆20Updated 4 years ago
- Simple library to handle PE files loading, relocating, get/set data, ..., in addition to process handling☆32Updated 6 years ago
- ☆24Updated 6 years ago
- Easily hook WIN32 x64 functions☆18Updated 6 months ago
- Library for using direct system calls☆35Updated 6 months ago
- Open Anti Cheat☆27Updated 3 years ago
- ☆15Updated 4 years ago
- Detects if a Kernel mode debugger is active by reading the value of KUSER_SHARED_DATA.KdDebuggerEnabled. It is a high level and portable …☆23Updated 7 years ago
- Simple header only library to change return address on current stack frame.☆24Updated 8 years ago
- Example of hijacking system calls via function pointer tables☆31Updated 4 years ago
- ☆26Updated 7 years ago
- Basic utilities for executing, reading and writing 64-bit data in a 32-bit WoW64 process☆17Updated 3 years ago
- A driver that supports communication between a Windows guest and HyperWin☆15Updated 4 years ago
- Fake Timestamps of Driver Certificates while keeping validity.☆17Updated 4 years ago