lucass0 / API-Inspector
☆16 Updated this week
Related projects:
- Capture newly created files on Windows ☆61 Updated 2 years ago
- ☆79 Updated this week
- ☆52 Updated this week
- An automatic tool for fixing dumped PE files ☆42 Updated 4 years ago
- Crackmes, keygenmes, serialmes and more ☆41 Updated 2 years ago
- Usermode standalone kernel interface ☆110 Updated 6 years ago
- Retrieve pointers to undocumented kernel functions and offsets to members within undocumented structures to use in your driver by using t… ☆52 Updated 5 years ago
- Al-khaser is a PoC malware with good intentions that aims to stress your malware analysis / sandbox environment ☆30 Updated 10 years ago
- A tool to help malware analysts tell that the sample is injecting code into another process. ☆73 Updated 9 years ago
- This x64dbg plugin adds several commands for dumping PE header information by address. ☆60 Updated 7 years ago
- Sample project for kernel debugging automation with Vagrant ☆57 Updated 4 years ago
- Manual PE image mapper ☆59 Updated 11 years ago
- C++17 compile-time string encryption supporting VS2010-2019 ☆72 Updated 4 years ago
- Disable PatchGuard on most common Windows x64 systems ☆82 Updated 5 years ago
- ☆112 Updated 11 years ago
- Examples of Static and Dynamic Thread Local Storage Callback Creation ☆19 Updated 7 years ago
- A C polymorphic and metamorphic engine ☆65 Updated 5 years ago
- Blackhat 2012 Sample Codes ☆91 Updated 8 years ago
- Bypassing code hooks detection in modern anti-rootkits via building faked PTE entries. ☆72 Updated 13 years ago
- ☆64 Updated 3 years ago
- Disable Driver Callbacks ☆97 Updated 6 years ago
- Anti-Anti-VM solution via Windows Driver ☆55 Updated 6 years ago
- A sample on how to inject a DLL from a kernel driver ☆60 Updated 8 years ago
- Hooking SSDT with Avast Internet Security Hypervisor ☆111 Updated 5 years ago
- IDA script for VMProtect Windows API address decoder ☆51 Updated 3 years ago
- r0akmap is a PoC driver manual mapper based on r0ak ☆39 Updated 6 years ago
- PoC for detecting and dumping code injection (built and extended on UnRunPE) ☆54 Updated 5 years ago
- A demo implementation of a well-known technique used by some malware to evade userland hooking, using my library: libpeconv. ☆19 Updated 6 years ago
- This is a simple driver with x64 inline assembly ☆52 Updated 4 years ago