cocafe / physmem
Physical memory and MMIO read/write command line utility via asmmap64 on Windows
☆12Updated last year
Related projects: ⓘ
- Disables virtualprotect checks/hooks so you can modify memory and change memory protection in binaries protected by VMProtect.☆113Updated 3 years ago
- Anti-anti-debug: reset ThreadHideFromDebugger☆13Updated 2 years ago
- A lightning-fast memory pattern scanner, capable of scanning gigabytes of data per second☆25Updated 5 months ago
- Load driver on boot before anti-cheats☆23Updated 7 months ago
- unorthodox approach to analyze a trace, but this helped me get comfy with x64 instructions overall (excluding sse/avx/etc lol), cleared u…☆49Updated 7 months ago
- A static library, wrapper for mhyprot vulnerable driver, execute exploits and tests☆125Updated 3 years ago
- Another wow64ext to try to be compatible with WOW64 for all architectures.☆73Updated 3 months ago
- Example of using Windows Platform Binary Table (WPBT)☆11Updated last year
- ☆18Updated this week
- ☆17Updated this week
- Using ReadDirectoryChangesW to detect CheatEngine☆44Updated 2 years ago
- ☆82Updated this week
- VMProtect, VMP, Devirter, 3,5☆103Updated last year
- Use ntdll/ntoskrnl to implement Kernel32, Advapi32 and other APIs. It includes user-mode and kernel-mode.☆61Updated 3 weeks ago
- An anti-cheat project that includes kernel mode.☆39Updated 3 years ago
- Me fockin' pe protector☆45Updated last year
- 这篇文章的目的是介绍一款实验性项目基于COM命名管道或者Windows Hyper-V虚拟机Vmbus通道实现的运行在uefi上的windbg调试引擎开发心得☆40Updated 3 months ago
- ☆22Updated 2 years ago
- https://www.codeproject.com/Articles/5348168/Disable-Driver-Signature-Enforcement-with-DSE-Patc☆14Updated 11 months ago
- devirtualization vmprotect☆59Updated last year
- Monitor Kernel pool allocations tags☆54Updated 10 months ago
- Signature maker plugin for IDA 9.0☆81Updated last month
- just proof of concept. hooking MmCopyMemory PG safe.☆60Updated 10 months ago
- Global DLL injector☆63Updated 3 years ago
- SlimDetours is an improved Windows API hooking library base on Microsoft Detours.☆34Updated last month
- Simple IDA Pro plugin to download Unity debug symbols from their symbol server☆45Updated 5 months ago
- Cross-Platform Framework for High-Speed Memory Pattern Scanning with Multithreading, SIMD Support, and Alternative STL ETL Integration☆34Updated last month
- 可在非测试模式下符号化读取内核内存。Kernel memory can be read symbolically in non test mode。☆100Updated 2 years ago
- Simple dll injector that uses thread hijacking to execute the payload☆11Updated 2 years ago
- ☆20Updated last year