Whitebird0 / Windows-kernel-learning-notes
☆17Updated 2 years ago
Alternatives and similar repositories for Windows-kernel-learning-notes:
Users that are interested in Windows-kernel-learning-notes are comparing it to the libraries listed below
- 利用物理内存映射,实现虚拟内存的伪隐藏☆81Updated 2 years ago
- 使用 Intel 虚拟化特性实现应用层HOOK☆57Updated 2 months ago
- 一个用来做windows内核hook的框架☆83Updated 10 months ago
- 非编译时代码混淆,包括代码块拆分、代码乱序、常量加密、代码变异、抹除jcc、局部混淆等,主要提供框架以及思路☆30Updated last year
- Win7内核私有符号结构转储☆67Updated 3 years ago
- 收集常用windows版本内核文件☆32Updated last year
- 大数字驱动逆向代码☆71Updated last year
- 《Windows 内核安全编程技术实践》 系列丛书,探索 Anti RootKit 反内核工具核心原理与技术实现细节。☆46Updated 2 years ago
- https://key08.com/index.php/2021/10/19/1375.html☆65Updated 2 years ago
- ida提取特征码脚本☆55Updated 5 years ago
- VT调试器插件搭配的CE☆21Updated 2 years ago
- VT Hook☆46Updated 7 months ago
- 过TP驱动☆28Updated 5 years ago
- Free(or force?)file and delete it☆12Updated 5 years ago
- 无痕注入1☆71Updated 3 years ago
- 自写驱动内存注入☆25Updated 3 years ago
- Hook NtDeviceIoControlFile with PatchGuard☆103Updated 2 years ago
- Heaven's Gate implementation in C for constructing x64 Win32 API call in x86 WoW64 processes.☆68Updated 3 years ago
- 简单的二进制加密壳☆11Updated 4 years ago
- ☆15Updated 3 months ago
- ☆27Updated last year
- ☆32Updated 4 months ago
- windwos内核研究与驱动Code☆61Updated 3 years ago
- ☆68Updated 2 years ago
- Call NtCreateUserProcess directly as normal.☆68Updated 2 years ago
- Ida pro plugin. The antiVM aims to quickly identify anti-virtual machine and anti-sandbox behavior. This can speed up malware analysis.☆38Updated 2 years ago
- 🖱2021腾讯游戏安全技术竞赛-机器学习 4th☆11Updated 3 years ago
- ☆40Updated 5 months ago
- win32kbase!NtDCompositionCommitSynchronizationObject and win32kbase!NtGdiGetCertificate☆15Updated 3 years ago
- 滴水中级内核学习☆28Updated last year