lstaroth / AntiXorstrLinks
IDA Pro plugin AntiXorstr
☆134Updated 3 months ago
Alternatives and similar repositories for AntiXorstr
Users that are interested in AntiXorstr are comparing it to the libraries listed below
Sorting:
- Forked LLVM focused on MSVC Compatibility. This version is designed for windows users☆98Updated last month
- r/w virtual memory without attach☆175Updated last year
- A very simple C++ library for download pdb, get rva of function, global variable and offset from struct.☆143Updated last year
- Titan is a VMProtect devirtualizer☆51Updated last year
- InfinityHook 支持Win7 到 Win11 最新版本,虚拟机环境及物理机环境☆71Updated 7 months ago
- Example of reading process memory through kernel special APC☆106Updated 2 years ago
- 🪝 Different aproaches to detecting EPT hooks☆109Updated 3 years ago
- Exploit vulnerabilities in NeacSafe64.sys to achieve privilege escalation and kernel-mode shellcode execution☆9Updated last month
- ☆166Updated 3 years ago
- VMProtect, VMP, Devirter, 3,5☆107Updated 2 years ago
- ☆133Updated 2 years ago
- A simple ida python script to find .data ptr☆50Updated 2 years ago
- Obfusk8: C++17-Based Obfuscation Library☆111Updated this week
- (communication detected)a kernel driver for game cheater. includes read&write memory / key&mouse simulator / kernel DWM render / process …☆53Updated 3 weeks ago
- 一个用来做windows内核hook的框架☆150Updated last month
- 从MmPfnData中枚举进程和页目录基址☆176Updated last year
- Unknowncheats Magically Optimized Tidy Mapper using nvaudio☆123Updated 11 months ago
- ☆141Updated last year
- 使用 Intel 虚拟化特性实现应用层HOOK☆61Updated 3 months ago
- query-pdb is a server-side software for parsing PDB files. The software provides PDB online parsing service.☆153Updated 8 months ago
- A POC to detect the exist of VMProtect 3 protection by search feature watermark.☆79Updated last year
- Kernel-Mode extended version of https://github.com/microsoft/Detours☆164Updated last month
- Standard Kernel Library for Windows manipulation in C++☆151Updated 6 months ago
- DWM Overlay without write .text☆85Updated 8 months ago
- ☆163Updated 3 years ago
- 可在非测试模式下符号化读取内核内存。Kernel memory can be read symbolically in non test mode。☆108Updated 2 years ago
- Some psuedo snippets from BattlEye's BEDaisy.sys loaded on Rainbow Six: Siege.☆124Updated 3 years ago
- This project migrated to https://github.com/backengineering/llvm-msvc☆141Updated last year
- Kernel dwm render☆147Updated last year
- PE-Dump-Fixer☆105Updated 5 years ago