lstaroth / xorstr-security
Bypass detection from Flare-floss
☆23 Updated 10 months ago
Related projects:
- clearing traces of a loaded driver ☆45 Updated 2 years ago
- InfinityHookProMax: Make InfinityHook great great again ☆40 Updated last year
- A library to assist with memory & code protection. ☆53 Updated 6 months ago
- Hiding a system thread against conventional means of detection ☆34 Updated 3 years ago
- A simple IDA Python script to find .data ptr ☆44 Updated last year
- Map the driver into session space ☆32 Updated 2 years ago
- A basic demonstration of directly overwriting paging structures for physical memory r/w and interprocess memory copy ☆75 Updated last year
- KDM is a driver that dumps every driver that was manually mapped with kdmapper. ☆48 Updated 2 years ago
- hidden_syscall - syscaller without using syscall instruction in code ☆58 Updated last year
- Windows x64 mode: use SEH in a manually mapped DLL or manually mapped sys ☆63 Updated last year
- Improved VMP Idea (detect anti-anti-debug tools by bug) ☆18 Updated last year
- Mapping your code on a 0x1000 size page ☆66 Updated 2 years ago
- Freeze target threads (external - internal) by avoiding SuspendThread detections. Or access registers from start address. ☆29 Updated 5 months ago
- mouseclassservicecallback detection via hook ☆46 Updated 2 years ago
- A method to disable DSE using .data ptr hooks ☆23 Updated 7 months ago
- POC usermode <=> kernel communication via ALPC. ☆51 Updated 3 months ago
- This project gives you an example of how you can hook a kernel vtable function that cannot be directly called ☆78 Updated 2 years ago
- Windows Kernel Misc ☆22 Updated last year