A dynamic VMP dumper and import fixer, powered by VTIL.
☆44 Sep 3, 2020 Updated 5 years ago
Alternatives and similar repositories for vmpdump
Users that are interested in vmpdump are comparing it to the libraries listed below
- Windows RPC: HelloWorld implemented with MIDL + RPC ☆23 Mar 21, 2018 Updated 7 years ago
- Inject dll to process in driver ☆10 Aug 27, 2024 Updated last year
- A SOCKS5-configured syscall hook that allows transparent TCP proxying on Windows for IPv4 and IPv6. ☆26 Jul 9, 2021 Updated 4 years ago
- Win32 API hook detection ☆10 Oct 1, 2017 Updated 8 years ago
- Very tiny and selective implementation of STL for Windows NT kernel mode drivers ☆18 Jun 22, 2021 Updated 4 years ago
- Rootkit and anti-rootkit on Windows platform ☆14 Apr 30, 2024 Updated last year
- Zhuoran active defense source code (executable + complete source code + complete project report) ☆15 Mar 5, 2019 Updated 7 years ago
- ☆47 Feb 3, 2025 Updated last year
- Windows packet forwarding built on WinDivert; forwards to SOCKS5, supports TCP/UDP and remote DNS resolution ☆14 Jan 17, 2020 Updated 6 years ago
- Use crystalCPUID to identify VT-x & AMD-V ☆17 Apr 8, 2015 Updated 10 years ago
- ☆12 Sep 18, 2018 Updated 7 years ago
- Dump of Win7 kernel private symbol structures ☆70 Sep 3, 2021 Updated 4 years ago
- Kernel mode to user mode dll injection. ☆14 Nov 10, 2024 Updated last year
- A demonstration of hooking into the VMProtect-2 virtual machine ☆24 Nov 9, 2023 Updated 2 years ago
- POC - x64 injector -> x86 injectee dll injector ☆15 Apr 4, 2024 Updated last year
- Windows Minifilter driver that redirects any I/O Request of mp3 files to a target file ☆18 Jul 7, 2015 Updated 10 years ago
- Open-source EDR kernel-component for system monitoring and DLL injection ☆33 Nov 14, 2020 Updated 5 years ago
- A static devirtualizer for VMProtect x64 3.x. powered by VTIL. ☆2,083 Aug 8, 2021 Updated 4 years ago
- A general solution to simulate execution of virtualized instructions (vmprotect/themida, etc.). ☆77 Feb 9, 2022 Updated 4 years ago
- A Windows kernel driver analysis framework that hooks and monitors all exported kernel functions ☆69 Nov 19, 2025 Updated 3 months ago
- ida pdb plugin with enhance and bugfix ☆122 Sep 3, 2025 Updated 6 months ago
- A set of Windows 10+/VS2022/C++14 tools for working with software modifications in two files (Detours.h, Detours.cpp). ☆46 Feb 1, 2026 Updated last month
- Process Hollowing for 32 bit and 64 bit ☆79 Nov 10, 2017 Updated 8 years ago
- Small class to parse debug info from PEs, download their respective PDBs from the Microsoft Public Symbol Server and calculate RVAs of fu… ☆44 Apr 1, 2023 Updated 2 years ago
- Windows CVE active defense (HIPS/HIDS) ☆57 Apr 29, 2021 Updated 4 years ago
- ☆23 Jul 24, 2023 Updated 2 years ago
- Application-layer hooking implemented with Intel virtualization features ☆65 Sep 11, 2025 Updated 5 months ago
- ☆53 Dec 21, 2022 Updated 3 years ago
- PsSetCreateProcessNotifyRoutine/Ex/Ex2 hook ☆12 May 30, 2024 Updated last year
- The Network project is a C++ encapsulation of WinSock2 to form a lightweight network library; The Graphics project is a C++ encapsulation… ☆13 Oct 31, 2017 Updated 8 years ago
- ☆37 Sep 8, 2015 Updated 10 years ago
- x64 Kernel Hooks Detection ☆24 Jan 1, 2017 Updated 9 years ago
- first commit ☆64 Oct 29, 2020 Updated 5 years ago
- hutrace ☆25 Jun 6, 2022 Updated 3 years ago
- SoulExtraction is a windows driver library for extracting cert information in windows drivers ☆25 Feb 12, 2023 Updated 3 years ago
- Dump PDB Symbols including support for Bochs Debugging Format (with wine support) ☆14 Aug 11, 2023 Updated 2 years ago
- Attempt to use WFP for proxy interception ☆10 Jan 13, 2019 Updated 7 years ago
- ☆16 Apr 10, 2025 Updated 10 months ago
- Plugin to assist in reverse engineering programs that use JNI. ☆11 Apr 27, 2017 Updated 8 years ago