cocafe / physmem

Related projects: ⓘ

• yubie-re / vmp-virtualprotect-bypass
  Disables virtualprotect checks/hooks so you can modify memory and change memory protection in binaries protected by VMProtect.
  ☆113Updated 3 years ago
• samrussell / armswideopen
  Anti-anti-debug: reset ThreadHideFromDebugger
  ☆13Updated 2 years ago
• localcc / lightningscanner-rs
  A lightning-fast memory pattern scanner, capable of scanning gigabytes of data per second
  ☆25Updated 5 months ago
• armvirus / fs_driver_loader
  Load driver on boot before anti-cheats
  ☆23Updated 7 months ago
• mibho / x64dbg-vmp-trace
  unorthodox approach to analyze a trace, but this helped me get comfy with x64 instructions overall (excluding sse/avx/etc lol), cleared u…
  ☆49Updated 7 months ago
• kkent030315 / libmhyprot
  A static library, wrapper for mhyprot vulnerable driver, execute exploits and tests
  ☆125Updated 3 years ago
• sonyps5201314 / wow64ext
  Another wow64ext to try to be compatible with WOW64 for all architectures.
  ☆73Updated 3 months ago
• 0x00Alchemist / Calamity
  Example of using Windows Platform Binary Table (WPBT)
  ☆11Updated last year
• ScHaTTeNLiLiE / libmhyprot
  ☆18Updated this week
• emoisback / Mhyprot2Wrapper
  ☆17Updated this week
• gmh5225 / Detection-CheatEngine
  Using ReadDirectoryChangesW to detect CheatEngine
  ☆44Updated 2 years ago
• Ahora57 / AmogusPlugin
  ☆82Updated this week
• sunwm518 / VMProtect-3-5-DEvirt
  VMProtect, VMP, Devirter, 3,5
  ☆103Updated last year
• MiroKaku / Musa.Core
  Use ntdll/ntoskrnl to implement Kernel32, Advapi32 and other APIs. It includes user-mode and kernel-mode.
  ☆61Updated 3 weeks ago
• Binklac / BACWindows
  An anti-cheat project that includes kernel mode.
  ☆39Updated 3 years ago
• greyb1t / GreyM
  Me fockin' pe protector
  ☆45Updated last year
• cbwang505 / windbg-uefi
  这篇文章的目的是介绍一款实验性项目基于COM命名管道或者Windows Hyper-V虚拟机Vmbus通道实现的运行在uefi上的windbg调试引擎开发心得
  ☆40Updated 3 months ago
• CKCat / VMProtect-2-Reverse-Engineering
  ☆22Updated 2 years ago
• gmh5225 / DSE-Patcher
  https://www.codeproject.com/Articles/5348168/Disable-Driver-Signature-Enforcement-with-DSE-Patc
  ☆14Updated 11 months ago
• sh4m2hwz / devirt_vmp
  devirtualization vmprotect
  ☆59Updated last year
• zodiacon / PoolMonXv3
  Monitor Kernel pool allocations tags
  ☆54Updated 10 months ago
• TKazer / IDA-Pro-9.0-SigMaker
  Signature maker plugin for IDA 9.0
  ☆81Updated last month
• ekknod / efi-monitor
  just proof of concept. hooking MmCopyMemory PG safe.
  ☆60Updated 10 months ago
• Vicshann / GInjer
  Global DLL injector
  ☆63Updated 3 years ago
• KNSoft / KNSoft.SlimDetours
  SlimDetours is an improved Windows API hooking library base on Microsoft Detours.
  ☆34Updated last month
• SamuelTulach / ida-unity-pdb-downloader
  Simple IDA Pro plugin to download Unity debug symbols from their symbol server
  ☆45Updated 5 months ago
• pinwhell / TBS
  Cross-Platform Framework for High-Speed Memory Pattern Scanning with Multithreading, SIMD Support, and Alternative STL ETL Integration
  ☆34Updated last month
• IcEy-999 / Ntoskrnl_Viewer
  可在非测试模式下符号化读取内核内存。Kernel memory can be read symbolically in non test mode。
  ☆100Updated 2 years ago
• NullTerminatorr / ThreadHijackingInjector
  Simple dll injector that uses thread hijacking to execute the payload
  ☆11Updated 2 years ago
• xtremegamer1 / vmdevirt-vtil
  ☆20Updated last year