huoji120 / Heuristic_antivirus_engine_by_huoji
基于UC的启发式杀毒引擎[还没做完]
☆34Updated 4 years ago
Alternatives and similar repositories for Heuristic_antivirus_engine_by_huoji:
Users that are interested in Heuristic_antivirus_engine_by_huoji are comparing it to the libraries listed below
- 绕过卡巴斯基主动防御,加载驱动,unhook所有ssdt hook及shadow ssdt hook☆37Updated 9 years ago
- Windows CVE主防(HIPS/HIDS)☆54Updated 3 years ago
- PEBFake(修改PEB 伪装当前进程路径、参数等)☆51Updated 4 years ago
- 卓然主动防御源码(可执行文件+完整源码+完整作品报告)☆15Updated 6 years ago
- ida提取特征码脚本☆55Updated 5 years ago
- 逆的或者收集的别人家的代码☆27Updated 2 months ago
- 安全卫士r3工具集☆37Updated 5 years ago
- win32kbase!NtDCompositionCommitSynchronizationObject and win32kbase!NtGdiGetCertificate☆16Updated 3 years ago
- 过去写的一些Windows安全研究相关代码☆135Updated 6 years ago
- windows rpc 使用MIDL+RPC实现HelloWorld☆23Updated 7 years ago
- 简单的二进制加密壳☆13Updated 4 years ago
- 感染MBR 下载并运行文件。☆33Updated 2 years ago
- 沙箱测试,测评国内常见沙箱的代码与结论☆100Updated 3 years ago
- https://key08.com/index.php/2021/10/19/1375.html☆66Updated 2 years ago
- 笔者的在原作者池风水利用工具(以下简称工具)基础上进行二次开发,新增了全自动获取内核调试模块符号的偏移量及配置参数和不同漏洞利用方式优化等功能, 解决了不同Windows版本适配问题,工具包括适配驱动和利用程序两部分组成,实现了在Windows 10 19H1之后任意版本包…☆77Updated 3 years ago
- 关于intel和amd指令行为不一样这件事☆61Updated 3 years ago
- Rapid generation ShellCode☆60Updated 7 years ago
- Call NtCreateUserProcess directly as normal.☆71Updated 2 years ago
- windows inlinehook R3 R0☆11Updated 7 years ago
- 大数字驱动逆向代码☆71Updated last year
- 反射式注入☆28Updated 6 years ago
- Changes handle's access rights using DKOM with a vulnerable driver☆25Updated 7 years ago
- 滴水壳(傀儡进程)☆9Updated 4 years ago
- A poc of embedding x64 code into x86 PE file☆17Updated 5 years ago
- For Example. See Miro's Blog☆30Updated 2 years ago
- ☆23Updated 2 years ago
- 一个早期的抗启发式查杀的WIN32免杀壳☆43Updated 11 years ago
- intel vt-x hypervisor ept☆25Updated 4 years ago
- shellcode注入测试工具☆49Updated 5 years ago
- IDA plugin for COM☆47Updated 2 years ago