kkent030315 / detect-anyrun
ANY.RUN sandbox detection collection
☆13 Updated last month
Related projects:
- A Hyper-V Hacking Framework For Windows 10 x64 (AMD & Intel) ☆29 Updated last year
- POC Hook of nt!HvcallCodeVa ☆49 Updated last year
- Compilable POC of namazso's x64 return address spoofer. ☆46 Updated 4 years ago
- Hijack NotifyRoutine for a kernelmode thread ☆40 Updated 2 years ago
- This driver hooks a device object for ioctl and uses mdls to allocate physical pages and manually injects an entry into a process's page … ☆11 Updated last year
- PAGE_GUARD based hooking library ☆38 Updated 2 years ago
- ZeroImport is a lightweight and easy to use C++ library for Windows Kernel Drivers. It allows you to hide any import in your kernel drive… ☆44 Updated last year
- C/C++ antidebugging library for 32 and 64 bit processors ☆10 Updated 2 months ago
- vdk is a set of utilities used to help with exploitation of a vulnerable driver. ☆39 Updated 2 years ago
- Binary rewriter for 64-bit PE files. ☆40 Updated 7 months ago
- Bypassing kernel patch protection runtime ☆19 Updated last year
- An extended proof-of-concept for the CVE-2021-21551 Dell ‘dbutil_2_3.sys’ Kernel Exploit ☆23 Updated 3 years ago
- Patches DSE by swapping both data ptrs located in SeValidateImageHeader && SeValidateImageData ☆19 Updated 7 months ago
- Windows kernel driver template for cmkr (with testsigning). ☆29 Updated last year
- Kernel ReClassEx ☆58 Updated 10 months ago
- Freeze target threads (external - internal) by avoiding SuspendThread detections. Or access registers from start address. ☆29 Updated 5 months ago
- A library for Intel VT-x hypervisor functionality supporting EPT shadowing. ☆47 Updated 3 years ago
- ntoskrnl .data hooks for UM-KM communication ☆33 Updated 3 months ago
- Experiment with PAGE_GUARD protection to hide memory from other processes ☆31 Updated 2 months ago
- Direct system calls with a modern C++20 interface. ☆41 Updated last year
- UnknownField is a clang-based tool that obfuscates the order of fields to protect your C/C++ game or code. ☆44 Updated last year
- Makes IDA (most versions) crash upon opening it. ☆52 Updated 3 weeks ago