大数字驱动逆向代码
☆78Nov 4, 2023Updated 2 years ago
Alternatives and similar repositories for 360Safe
Users that are interested in 360Safe are comparing it to the libraries listed below
Sorting:
- The modifyed cjson that can running on windows kernel☆15Mar 21, 2023Updated 2 years ago
- Call NtCreateUserProcess directly as normal.☆77May 17, 2022Updated 3 years ago
- ☆11Nov 17, 2025Updated 3 months ago
- ☆18Sep 27, 2016Updated 9 years ago
- 隐藏可执行内存☆267Apr 27, 2025Updated 10 months ago
- 粗暴地枚举管理内核的WFP对象。 Manage kernel WFPs in a brutal way.☆27Jan 14, 2018Updated 8 years ago
- Quick check of NT kernel exported&unexported functions/global variable offset NT内核导出以及未导出函数+全局变量偏移速查☆98Mar 30, 2023Updated 2 years ago
- 一些研究☆14Dec 18, 2019Updated 6 years ago
- 绕过卡巴斯基主动防御,加载驱动,unhook所有ssdt hook及shadow ssdt hook☆38Sep 27, 2015Updated 10 years ago
- Radical Windows ARK☆251Apr 18, 2025Updated 10 months ago
- Win7内核私有符号结构转储☆70Sep 3, 2021Updated 4 years ago
- 不使用3环挂钩进行DWM桌面绘制☆82Dec 9, 2021Updated 4 years ago
- Easily hook WIN32 x64 functions☆18Feb 19, 2025Updated last year
- more conveniently Visual-Studio-BOF-template☆75Sep 12, 2023Updated 2 years ago
- ☆19Jul 20, 2015Updated 10 years ago
- Demo to show how write ALPC Client & Server using native Ntdll.dll syscalls.☆21Jan 25, 2022Updated 4 years ago
- Block any Process to open HANDLE to your process , only SYTEM is allowed to open handle to your process ,with that you can avoid remote m…☆173Apr 27, 2023Updated 2 years ago
- network filter driver that control network send speed, based on windows tdi framework.☆31Feb 16, 2024Updated 2 years ago
- DllInject (Memory Load)☆11Jan 5, 2019Updated 7 years ago
- Reliable UDP, Author Whg☆15Oct 8, 2019Updated 6 years ago
- windows LPC library☆43Jun 7, 2013Updated 12 years ago
- WinRemoteEnum is a module-based collection of operations achievable by a low-privileged domain user.☆13Oct 24, 2022Updated 3 years ago
- Windows CVE主防(HIPS/HIDS)☆57Apr 29, 2021Updated 4 years ago
- Call the CLR interface from memory to load powershell, process-less powershell☆15Sep 7, 2023Updated 2 years ago
- For Example. See Miro's Blog☆30Nov 26, 2022Updated 3 years ago
- All Nt Syscall and W32k Syscall in one asm, include, and call it!☆58Nov 4, 2021Updated 4 years ago
- https://key08.com/index.php/2021/10/19/1375.html☆71May 11, 2022Updated 3 years ago
- Windows (ShadowMove) Socket Duplication☆87Apr 19, 2020Updated 5 years ago
- ☆48Nov 7, 2018Updated 7 years ago
- Load CLR to get RWX 通过加载clr在自身内存中产生rwx空间☆22Sep 28, 2022Updated 3 years ago
- Hide Port In Windows☆42Oct 24, 2024Updated last year
- Windows API Call Obfuscation☆112Dec 9, 2022Updated 3 years ago
- pdb's function and global vars to offset☆10Apr 11, 2023Updated 2 years ago
- A Win32 logger based on DebugView & ETW.☆16Nov 15, 2017Updated 8 years ago
- 同时支持用户和内核模式的Inlinehook库☆128Oct 16, 2018Updated 7 years ago
- Self Cleanup in post-ex job☆59Sep 10, 2024Updated last year
- 从MmPfnData中枚举进程和页目录基址☆207Aug 18, 2023Updated 2 years ago
- ☆174Mar 9, 2022Updated 3 years ago
- Inject unsigned DLL into Protected Process Light (PPL)☆40May 8, 2025Updated 9 months ago