estr3llas / anti-vm-cpuidLinks
A collection of cpuid instruction implementations for anti-vm purposes.
☆10Updated 2 years ago
Alternatives and similar repositories for anti-vm-cpuid
Users that are interested in anti-vm-cpuid are comparing it to the libraries listed below
Sorting:
- IAT-Obfuscation to make static analysis of executable harder.☆45Updated 4 years ago
- ☆29Updated 3 years ago
- https://key08.com/index.php/2021/10/19/1375.html☆71Updated 3 years ago
- Call NtCreateUserProcess directly as normal.☆76Updated 3 years ago
- 编译时混淆字符串,以确保生成的二进制PE不会暴漏明文字符串。(C++ 14 及以上)☆29Updated 4 years ago
- Rookit and anti rookit on Windows platform☆14Updated last year
- a dkom rootkit that targets windows x64 systems. the rootkit hooks and edits criticl memory sections in order to hide different resources…☆19Updated 2 years ago
- Load Dll into Kernel space☆39Updated 3 years ago
- Hook NtDeviceIoControlFile with PatchGuard☆107Updated 3 years ago
- UnknownField is a tool based clang that obfuscating the order of fields to protect your C/C++ game or code.☆45Updated 3 years ago
- manual mapping injector☆29Updated 4 months ago
- Demo to show how write ALPC Client & Server using native Ntdll.dll syscalls.☆21Updated 4 years ago
- Proof-of-Concept software for detecting AV/EDR hooks in Windows libraries.☆36Updated 3 years ago
- .data ptr swapper for newer win32k versions. (Supports Windows 11)☆27Updated last week
- A simple program to obfuscate code written in cpp.☆51Updated last year
- Executes Read/Write process memory with `NtQueryCompositionSurfaceStatistics`☆21Updated last year
- ☆34Updated 2 years ago
- bootkit驱动映射,三环进程注入加载指定模块☆14Updated last year
- shadow tls☆17Updated 3 years ago
- Implementation of several code injection techniques.☆23Updated 3 years ago
- neat way to detect memory read using nt layer function.☆14Updated 2 years ago
- PoC exploit for HP Hardware Diagnostic's EtdSupp driver☆51Updated 2 years ago
- Kill Protected Process Light Process (include av)☆58Updated 2 years ago
- Windows API Call Obfuscation☆112Updated 3 years ago
- 以shellcode注入其它驱动执行,躲避驱动签名检测,曾pubg项目中使用,,,当然现在,,,☆27Updated 3 years ago
- 利用物理内存映射,实现虚拟内存的伪隐藏☆86Updated 3 years ago
- ☆26Updated 8 years ago
- Windows Kernel Knowledge && Collect Resources on the wire && Nothing innovation by myself &&☆61Updated 3 weeks ago
- An extended proof-of-concept for the CVE-2021-21551 Dell ‘dbutil_2_3.sys’ Kernel Exploit☆24Updated 4 years ago
- Protected Process Light Library☆18Updated 5 years ago