alphaSeclab / hooking
Resources About Hooking. For All Platforms. Currently 300+ Tools And 600+ Posts.
☆310Updated 4 years ago
Related projects ⓘ
Alternatives and complementary repositories for hooking
- kernel-mode Anti-Anti-Debug plugin. based on intel vt-x && ept technology☆429Updated 4 years ago
- VMProtect 3.x Anti-debug Method Improved☆517Updated 5 years ago
- Unicorn PE is an unicorn based instrumentation project designed to emulate code execution for windows PE files.☆787Updated 6 months ago
- 30种方法检测程序是否被调试☆324Updated 5 years ago
- Kernel Anit Anit Debug Plugins 内核反反调试插件☆448Updated 3 years ago
- FindFunc is an IDA Pro plugin to find code functions that contain a certain assembly or byte pattern, reference a certain name or string,…☆306Updated last month
- A VMP to VTIL lifter.☆422Updated 3 years ago
- Medigate plugin for c++ reverse engineering and other utils☆271Updated last year
- A collection of x64dbg scripts. Feel free to submit a pull request to add your script.☆500Updated 4 months ago
- x64dbg plugin to bypass Themida 3.x Anti-Debugger / VM / Monitoring programs checks (x64)☆479Updated 3 years ago
- obfuscator-llvm 移植到llvm12.x.☆231Updated last year
- Some ways to inject a DLL into a alive process☆353Updated 6 years ago
- PE Injection、DLL Injection、Process Injection、Thread Injection、Code Injection、Shellcode Injection、ELF Injection、Dylib Injection, including…☆508Updated 4 years ago
- Strings plugin for x64dbg☆226Updated this week
- obfuscated any constant encryption in compile time on any platform☆411Updated last year
- Fix VMProtect Import Protection☆326Updated 3 years ago
- open-source x86/x64 usermode anti-anti-debug plugin☆215Updated 4 years ago
- System call hook for Windows 10 20H1☆479Updated 3 years ago
- Using Driver Global Injection dll, it can hide DLL modules☆505Updated 5 years ago
- an ida plugin used to decompile vmp☆300Updated 4 months ago
- Fix VMProtect3 IAT☆260Updated 11 months ago
- A dynamic VMP dumper and import fixer, powered by VTIL.☆1,148Updated 4 years ago
- VMProtect source code leak (incomplete, some important files are still missing, but you can still see it as a reference on how to virtual…☆159Updated 4 months ago
- LLVM Obfuscator / constexpr / PEB CALL API☆172Updated 5 years ago
- A library for loading dll module bypassing windows PE loader from memory (x86/x64)☆536Updated 7 months ago
- Syscall Monitor is a system monitor program (like Sysinternal's Process Monitor) using Intel VT-X/EPT for Windows7+☆721Updated 7 years ago
- Hex-Rays microcode API plugin for breaking an obfuscating compiler☆730Updated 3 years ago
- Yet Another Not So Obfuscated LLVM☆368Updated 5 months ago
- Hide Driver By MiProcessLoaderEntry☆280Updated 5 years ago