gdabah / distormx
The ultimate hooking library
☆264Updated 4 years ago
Alternatives and similar repositories for distormx:
Users that are interested in distormx are comparing it to the libraries listed below
- PatchGuard Research☆296Updated 6 years ago
- Persistent IAT hooking application - based on bearparser☆254Updated 2 years ago
- Simple VM based x86 PE (portable exectuable) protector.☆338Updated 10 years ago
- pdbex is a utility for reconstructing structures and unions from the PDB into compilable C headers☆850Updated 7 months ago
- Detecting execution of kernel memory where is not backed by any image file☆256Updated 6 years ago
- Windows NT x64 syscall fuzzer☆598Updated last year
- The Windows Library for Intel Process Trace (WinIPT) is a project that leverages the new Intel Processor Trace functionality exposed by W…☆378Updated last year
- A tool to help when dealing with Windows IOCTL codes or reversing Windows drivers.☆431Updated 6 years ago
- VivienneVMM is a stealthy debugging framework implemented via an Intel VT-x hypervisor.☆803Updated 4 years ago
- Debug Child Process Tool (auto attach)☆282Updated last year
- idenLib - Library Function Identification [This project is not maintained anymore]☆392Updated 6 years ago
- SimpleSvmHook is a research purpose hypervisor for Windows on AMD processors.☆378Updated 4 years ago
- x86 Inline hooking engine (using trampolines)☆96Updated 10 years ago
- DriverBuddy is an IDA Python script to assist with the reverse engineering of Windows kernel drivers.☆358Updated 5 years ago
- Detours with just single dependency - NTDLL☆620Updated 2 years ago
- Research on Windows Kernel Executive Callback Objects☆286Updated 5 years ago
- The history of Windows Internals via symbols.☆176Updated 3 years ago
- Hypervisor based tool for monitoring system register accesses.☆143Updated 6 years ago
- TLB splitting VMM☆164Updated 8 years ago
- zer0m0n driver for cuckoo sandbox☆358Updated 9 years ago
- Official x64dbg plugin for IDA Pro.☆490Updated 6 months ago
- IDA Pro script to add some useful runtime info to static analysis☆526Updated 2 years ago
- PE permutation library☆271Updated last year
- Loading unsigned code into kernel in Windows 10 (64) with help of VMware Workstation Pro/Player design flaw☆135Updated 7 years ago
- Hex-Rays microcode plugin for automated simplification of Windows Kernel decompilation.☆587Updated 2 months ago
- kHypervisor is a lightweight bluepill-like nested VMM for Windows, it provides and emulating a basic function of Intel VT-x☆424Updated 3 years ago
- Labeless is a multipurpose IDA Pro plugin system for labels/comments synchronization with a debugger backend, with complex memory dumping…☆545Updated 2 months ago
- makin - reveal anti-debugging and anti-VM tricks [This project is not maintained anymore]☆738Updated 6 years ago
- ☆226Updated 3 years ago
- Kernel Detective☆142Updated 2 years ago