hfiref0x / al-khaserLinks
(This is a fork used primarily to submit patches into upstream repository) Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
☆19Updated last week
Alternatives and similar repositories for al-khaser
Users that are interested in al-khaser are comparing it to the libraries listed below
Sorting:
- Bypassing code hooks detection in modern anti-rootkits via building faked PTE entries.☆77Updated 14 years ago
- Some garbage drivers written for getting started☆65Updated 5 years ago
- Code injection by hijacking threads in Windows 32-bit applications☆43Updated 6 years ago
- Capcom wrapper with safety in mind.☆79Updated 7 years ago
- Manual PE image mapper☆65Updated 11 years ago
- (DEPRECATED) A simple anti-anti debug library for Windows☆29Updated 4 years ago
- Another method to anti ThreadHideFromDebugger☆36Updated 6 years ago
- ☆26Updated 7 years ago
- kernel-mode TDI client which can send and receive HTTP requests☆55Updated 6 years ago
- Windows Manipulation Library (x64, User/Kernelmode)☆77Updated 6 years ago
- core of pkn game hacking project. Including mainly for process management, memory management, and DLL injecttion. Also PE analysis, windo…☆66Updated 6 years ago
- Communication via callback☆73Updated 5 years ago
- Analyze PatchGuard☆58Updated 6 years ago
- Anti-Anti-VM solution via Windows Driver☆58Updated 7 years ago
- POC of sysenter x64 LSTAR MSR hook☆39Updated 10 years ago
- My take on the capcom driver vulnerability☆28Updated 7 years ago
- x64 free protect Features 1.process/thread handle protect 2.anti taskmgr.exe 3.hide process 4.anti-debugger(user/kernel debugger)☆81Updated 6 years ago
- This is the P.O.C source for hooking the system calls on Windows 10 (1903) using it's dynamic trace feature weakness☆52Updated 5 years ago
- Windows handle stealing POC with NtDuplicateObject☆40Updated 8 years ago
- ayy debuger☆89Updated last year
- ☆36Updated 4 years ago
- Capstone disassembly/disassembler framework: Core (Arm, Arm64, M68K, Mips, PPC, Sparc, SystemZ, X86, X86_64, XCore) + bindings (Python, J…☆14Updated 6 years ago
- A sample on how to inject a DLL from a kernel driver☆62Updated 8 years ago
- Stealthy Injector that leverages a vulnerable driver and other exploits to remain undetected☆36Updated 6 years ago
- Windows Kernel Template Library☆109Updated 2 years ago
- ☆26Updated 8 years ago
- a simple intel vt code both support x86 & x64. PatchGuard monitor.☆75Updated 3 years ago
- Prototype of hijacking Windows driver dispatch routines in unmapped discardable sections☆54Updated 6 years ago
- BetaShield Windows x86 Ring3 Anticheat v2☆38Updated 8 years ago
- Analysing and defeating PatchGuard universally☆35Updated 4 years ago