i1tao / winsec-arkLinks
Anti-Rootkit Tool for Windows
☆12Updated 5 months ago
Alternatives and similar repositories for winsec-ark
Users that are interested in winsec-ark are comparing it to the libraries listed below
Sorting:
- UnknownField is a tool based clang that obfuscating the order of fields to protect your C/C++ game or code.☆45Updated 2 years ago
- https://www.huorong.cn/☆14Updated last year
- ☆27Updated 2 years ago
- A simple python script to check evil Visual Studio projects☆20Updated last year
- Compile-time + Lifetime, Usermode + Kernelmode, safe and lightweight string crypter library for C++17+, based on skCrypter☆14Updated last month
- shadow tls☆17Updated 2 years ago
- Load Dll into Kernel space☆38Updated 3 years ago
- neat way to detect memory read using nt layer function.☆14Updated 2 years ago
- ☆27Updated last year
- ☆26Updated last year
- Emulate Drivers in RING3 with self context mapping or unicorn☆20Updated 8 months ago
- 这篇文章的目的是介绍一款实验性项目基于COM命名管道或者Windows Hyper-V虚拟机Vmbus通道实现的运行在uefi上的windbg调试引擎开发心得☆42Updated last year
- ☆23Updated 2 years ago
- bootkit驱动映射,三环进程注入加载指定模块☆14Updated 10 months ago
- abusing signed pdfwkrnl.sys for kernel function calling from usermode.☆20Updated 2 weeks ago
- IAT-Obfuscation to make static analysis of executable harder.☆44Updated 3 years ago
- 以shellcode注入其它驱动执行,躲避驱动签名检测,曾pubg项目中使用,,,当然现在,,,☆26Updated 2 years ago
- 过TP驱动☆29Updated 5 years ago
- Executes Read/Write process memory with `NtQueryCompositionSurfaceStatistics`☆18Updated last year
- windows rootkit☆61Updated last year
- Wow64 Heaven's Gate Hook☆28Updated 4 years ago
- PoC kernel to usermode injection☆86Updated last year
- Based on minhook☆32Updated last year
- A simple example how to decrypt kernel debugger data block☆29Updated 4 years ago
- manual mapping injector☆28Updated 3 years ago
- Experiment to use sections as User/Kernelmode comm vector☆22Updated 2 years ago
- A VMBR (Virtual-Machine Based Rootkit) which runs a guest OS and sends the attacker its data☆27Updated last year
- Call NtCreateUserProcess directly as normal.☆73Updated 3 years ago
- ☆53Updated 2 years ago
- Static Library For Windows Drivers☆36Updated last week