fengjixuchui / khaleesiView external linksLinks
Anti-debug library based on al-khaser with ScyllaHide/TitanHide detection.
☆63Aug 27, 2019Updated 6 years ago
Alternatives and similar repositories for khaleesi
Users that are interested in khaleesi are comparing it to the libraries listed below
Sorting:
- Modern x64 anti-debug library☆10Oct 29, 2019Updated 6 years ago
- Windows system spy for Mouse, Keyboard and Gamepad(Joystick).☆15Jul 6, 2022Updated 3 years ago
- Example of hijacking system calls via function pointer tables☆31Jun 26, 2021Updated 4 years ago
- Some drivers I've written while solving exercises from Practical Reverse Engineering☆15Jan 9, 2022Updated 4 years ago
- neat way to detect memory read using nt layer function.☆14Aug 4, 2023Updated 2 years ago
- Detour library (x64 and x86 compatible)☆13Dec 15, 2020Updated 5 years ago
- Simple Demo of using Windows Hypervisor Platform☆29Jul 14, 2025Updated 6 months ago
- ☆13Aug 24, 2022Updated 3 years ago
- A driver that supports communication between a Windows guest and HyperWin☆15Jan 6, 2021Updated 5 years ago
- Code Integrity Violation Spotter☆17Jun 11, 2024Updated last year
- ☆14Mar 8, 2019Updated 6 years ago
- The kernel mode Standard Template Library Template☆19Feb 22, 2020Updated 5 years ago
- All Nt Syscall and W32k Syscall in one asm, include, and call it!☆58Nov 4, 2021Updated 4 years ago
- A research project about Windows notify routines.☆38Jul 31, 2020Updated 5 years ago
- BypaPH - Process Hacker's bypass (read/write any process virtual memory & kernel mem) 带签名驱动,驱动级内存读取☆23Sep 3, 2020Updated 5 years ago
- ☆16Oct 31, 2022Updated 3 years ago
- first commit☆64Oct 29, 2020Updated 5 years ago
- win10 pgContext dynamic dump (btc version)☆110Jan 15, 2020Updated 6 years ago
- Some crazy PE executables protection kernel driver☆20May 2, 2020Updated 5 years ago
- Driver and WinDBG scripts to dump information about all resources and lookaside lists☆66Apr 4, 2020Updated 5 years ago
- x64 syscall caller in C++.☆93Jun 23, 2018Updated 7 years ago
- ☆23Oct 28, 2020Updated 5 years ago
- Detect-KeAttachProcess by iterating through all processes as well as checking the context of the thread.☆119Feb 8, 2022Updated 4 years ago
- Kernel-based memory hacking framework communicating with a kernel driver via sockets.☆96May 25, 2021Updated 4 years ago
- ☆26Sep 17, 2017Updated 8 years ago
- a simple intel vt code both support x86 & x64. PatchGuard monitor.☆77Oct 28, 2021Updated 4 years ago
- ☆44Oct 7, 2018Updated 7 years ago
- Analyze patches in a process☆258Jul 28, 2021Updated 4 years ago
- A C++ syscall ID extractor for Windows. Developed, debugged and tested on 20H2.☆21May 25, 2021Updated 4 years ago
- hooking KiUserApcDispatcher☆25Apr 3, 2017Updated 8 years ago
- Kernel driver that uses Shared memory to communicate with UserMode☆88Apr 25, 2019Updated 6 years ago
- A tool to help malware analysts tell that the sample is injecting code into other process.☆78Aug 12, 2015Updated 10 years ago
- Analysing and defeating PatchGuard universally☆36Nov 4, 2020Updated 5 years ago
- Bypasses for Windows kernel callbacks PatchGuard protection☆44Aug 15, 2021Updated 4 years ago
- Noninvasive debugging plugin for X64Dbg☆110Nov 21, 2024Updated last year
- Kernel mode to user mode injector☆11Mar 31, 2020Updated 5 years ago
- 扫描以及恢复 r3hook 类☆10Aug 29, 2021Updated 4 years ago
- DllInject (Memory Load)☆11Jan 5, 2019Updated 7 years ago
- Windows Server 2K3 NT 5☆12Apr 17, 2021Updated 4 years ago