huoji120 / Heuristic_antivirus_engine_by_huoji
Heuristic antivirus engine based on UC [not finished yet]
☆35 · Mar 28, 2021 · Updated 4 years ago
Alternatives and similar repositories for Heuristic_antivirus_engine_by_huoji
Users that are interested in Heuristic_antivirus_engine_by_huoji are comparing it to the libraries listed below
- win32kbase!NtDCompositionCommitSynchronizationObject and win32kbase!NtGdiGetCertificate ☆16 · Oct 14, 2021 · Updated 4 years ago
- about how to make an anti-virus engine ☆106 · May 22, 2025 · Updated 8 months ago
- ☆21 · Jan 15, 2025 · Updated last year
- 卓然 active defense source code (executable + complete source code + complete project report) ☆15 · Mar 5, 2019 · Updated 6 years ago
- Reproduction of "EDR's Nightmare: Storm-0978 Uses the New Kernel Injection Technique 'Step Bear'" ☆161 · Oct 27, 2024 · Updated last year
- https://key08.com/index.php/2021/10/19/1375.html ☆71 · May 11, 2022 · Updated 3 years ago
- Detects most CobaltStrike shellcode with 40 lines of code ☆293 · Jul 25, 2021 · Updated 4 years ago
- WinXPSP2.Cermalus on steroids, supporting all 32 bits Windows version. Windows Kernel Virus stuff for noobs ☆18 · Aug 11, 2023 · Updated 2 years ago
- ksc4cpp is a shellcode framework for windows kernel based on C++ ☆22 · Feb 10, 2023 · Updated 3 years ago
- A security product for Linux meant to meet personal security needs, with SSH brute-force protection and SYN attack/scan protection, based on netfilter, ☆23 · Dec 2, 2023 · Updated 2 years ago
- a C/C++ shellcode compiler based on llvm/clang ☆39 · Mar 29, 2016 · Updated 9 years ago
- Utility scripts and Python module to facilitate executing idapython scripts in IDA. ☆30 · Dec 5, 2025 · Updated 2 months ago
- Windows driver template, using C++20 & cmake & GithubActions ☆24 · Aug 9, 2024 · Updated last year
- Windows RPC: implementing HelloWorld with MIDL + RPC ☆23 · Mar 21, 2018 · Updated 7 years ago
- About the fact that Intel and AMD instructions behave differently ☆62 · Apr 15, 2022 · Updated 3 years ago
- Slides of 44Con 2018 ☆22 · Oct 11, 2018 · Updated 7 years ago
- Helper functions for calculating the authenticode digest for a portable executable file ☆21 · Apr 30, 2020 · Updated 5 years ago
- Helper script for Windows kernel debugging with IDA Pro on VMware + GDB stub (including PDB symbols) ☆68 · Aug 11, 2023 · Updated 2 years ago
- 戎码之眼 is an ATT&CK-model-based threat monitoring tool for Windows. It effectively detects common unknown and known threats. A sharp sword for defenders ☆536 · Oct 25, 2023 · Updated 2 years ago
- Confirms the capability of Hardware-Accelerated Virtualization Technology. ☆10 · Oct 26, 2025 · Updated 3 months ago
- Dump PDB Symbols including support for Bochs Debugging Format (with wine support) ☆14 · Aug 11, 2023 · Updated 2 years ago
- Hyper-V Fuzzer using hAFL2 ☆11 · May 10, 2022 · Updated 3 years ago
- Cobaltstrike UDRL with memory evasion ☆15 · May 16, 2024 · Updated last year
- Proofs-Of-360Security Sandbox Escape ☆10 · Mar 18, 2022 · Updated 3 years ago
- ☆11 · Jan 8, 2022 · Updated 4 years ago
- ☆11 · Jul 11, 2023 · Updated 2 years ago
- Instrumenting a binary without source code to bypass anti-debug checks ☆38 · Sep 25, 2021 · Updated 4 years ago
- Abusing the COW mechanism for global injection ☆99 · Jan 1, 2021 · Updated 5 years ago
- Malware analysis tool based on taint analysis. ☆14 · Jan 29, 2022 · Updated 4 years ago
- ☆11 · Dec 28, 2021 · Updated 4 years ago
- AutoLinker support library: automatically uses a different Linker depending on the source file, automatically switches between dynamic\static ec when debugging and compiling, and overrides core library functions. ☆14 · Nov 5, 2025 · Updated 3 months ago
- A fuzz demo for windows driver based on IoControlCode ☆12 · May 25, 2018 · Updated 7 years ago
- Disable the file and registry protection of malicious drivers ☆14 · Jun 28, 2022 · Updated 3 years ago
- ☆174 · Sep 9, 2020 · Updated 5 years ago
- Page fault hook using EPT (Intel Virtualization Technology) ☆200 · Oct 19, 2016 · Updated 9 years ago
- Use ci.dll API for validating Authenticode signature of files ☆166 · Mar 28, 2022 · Updated 3 years ago
- Integrates some of the obfuscations from Pluto-Obfuscator and goron, ported to LLVM-16.0.x, using NewPassManager ☆135 · Aug 16, 2023 · Updated 2 years ago
- Slaying multi-language LLVM IR with obfuscation passes to achieve JIT execution ☆130 · Dec 24, 2025 · Updated last month
- Monitor ETW events for Windows process mitigation policies, with stack traces ☆31 · Oct 7, 2022 · Updated 3 years ago