guidedhacking / GH_AntiDebug_Bypass_Practice_ToolLinks
Guided Hacking's official tool to practice bypassing anti-debug techniques.
☆277Updated last month
Alternatives and similar repositories for GH_AntiDebug_Bypass_Practice_Tool
Users that are interested in GH_AntiDebug_Bypass_Practice_Tool are comparing it to the libraries listed below
Sorting:
- Demo proof of concept for shadow regions, and implementation of HyperDeceit.☆280Updated 2 years ago
- Debugger Anti-Detection Benchmark☆334Updated last year
- X86 Mutation Engine with Portable Executable compatibility.☆497Updated 3 years ago
- Native code virtualizer for x64 binaries☆486Updated 6 months ago
- ☆299Updated last month
- An Injector that can inject dll into game process protected by anti cheat using SetWindowsHookEx.☆244Updated 6 years ago
- This tool will allow you to spoof the return addresses of your functions as well as system functions.☆497Updated 2 years ago
- Collection of hypervisor detections☆239Updated 9 months ago
- Manual mapper that uses PTE manipulation, Virtual Address Descriptor (VAD) manipulation, and forceful memory allocation to hide executabl…☆332Updated 3 years ago
- My reversing tools. Some custom, some not.☆205Updated last year
- State of the art DLL injector that took 20 minutes to make☆217Updated last year
- Analyze patches in a process☆254Updated 3 years ago
- A list of excellent resources for anyone to deepen their understanding with regards to Windows Kernel Exploitation and general low level …☆144Updated 2 years ago
- Driver that uses network sockets to communicate with client and read/ write protected process memory.☆553Updated 6 years ago
- x64 Windows kernel code execution via user-mode, arbitrary syscall, vulnerable IOCTLs demonstration☆330Updated 2 years ago
- A library to develop kernel level Windows payloads for post HVCI era☆411Updated 4 years ago
- Manual mapping without creating any threads, with rw only access☆749Updated 5 years ago
- usermode driver mapper that forcefully loads any signed kernel driver (legit cert) with a big enough section (example: .data, .rdata) to …☆434Updated 3 years ago
- DLL that hooks the NtQuerySystemInformation API and hides a process name☆289Updated 2 years ago
- Handle elevation DKOM against ObRegisterCallbacks☆306Updated 6 years ago
- A x64 Windows Rootkit using SSDT or Hypervisor hook☆540Updated 5 months ago
- Bootkit for Windows Sandbox to disable DSE/PatchGuard.☆289Updated 8 months ago
- A mapper that maps shellcode into loaded large page drivers☆283Updated 3 years ago
- Static deobfuscator for Themida, WinLicense and Code Virtualizer 3.x's mutation-based obfuscation.☆287Updated 10 months ago
- Simple x86/x86_64 instruction level obfuscator based on a basic SBI engine☆270Updated 2 years ago
- Windows inline hooking tool.☆273Updated 6 years ago
- Hex-Rays microcode plugin for automated simplification of Windows Kernel decompilation.☆603Updated 4 months ago
- Simple Kernelmode DLL Injector with Manual mapping☆294Updated last year
- Inline syscalls made easy for windows on clang☆711Updated last year
- Emulate Drivers in RING3 with self context mapping or unicorn☆341Updated 2 years ago