mike1k / ImportCallObfuscatorLinks
Obfuscate calls to imports by patching in stubs
☆68Updated 3 years ago
Alternatives and similar repositories for ImportCallObfuscator
Users that are interested in ImportCallObfuscator are comparing it to the libraries listed below
Sorting:
- based on https://github.com/secrary/Hooking-via-InstrumentationCallback☆71Updated 5 years ago
- Handling C++ & __try exceptions without the need of built-in handlers.☆71Updated 3 years ago
- A simple tool to assemble shellcode ready to be copy-pasted into code☆68Updated 2 years ago
- Kernel ReClassEx☆62Updated last year
- C++ library for parsing and manipulating PE files statically and dynamically.☆87Updated last year
- PAGE_GUARD based hooking library☆46Updated 2 years ago
- Windows PDB parser for kernel-mode environment.☆97Updated 2 years ago
- Discarded Section Manual Map☆68Updated 4 years ago
- Hygieia, a vulnerable driver traces scanner written in C++ as an x64 Windows kernel driver.☆145Updated 3 years ago
- ☆70Updated 2 years ago
- nmi stackwalking + module verification☆119Updated last year
- x64 syscall caller in C++.☆90Updated 6 years ago
- Detect-KeAttachProcess by iterating through all processes as well as checking the context of the thread.☆113Updated 3 years ago
- Bypassing EasyAntiCheat.sys self-integrity by abusing call hierarchy☆81Updated 2 years ago
- hidden_syscall - syscaller without using syscall instruction in code☆61Updated 2 years ago
- ☆46Updated 3 years ago
- Binary rewriter for 64-bit PE files.☆76Updated last year
- reverse engineering of bedaisy.sys (battleyes kernel driver) - Aki2k/BEDaisy☆84Updated 4 years ago
- 🪝 Different aproaches to detecting EPT hooks☆109Updated 3 years ago
- A library to assist with memory & code protection.☆56Updated last year
- An x64 page table iterator written in C++ as a kernel mode windows driver.☆108Updated 4 years ago
- Mapping your code on a 0x1000 size page☆72Updated 3 years ago
- Virtual and physical memory hacking library using gigabyte vulnerable driver☆70Updated 2 years ago
- ZeroImport is a lightweight and easy to use C++ library for Windows Kernel Drivers. It allows you to hide any import in your kernel drive…☆47Updated 2 years ago
- A simple ida python script to find .data ptr☆50Updated 2 years ago
- unorthodox approach to analyze a trace, but this helped me get comfy with x64 instructions overall (excluding sse/avx/etc lol), cleared u…☆60Updated last year
- A devirtualization engine for Themida.☆100Updated last year
- A basic 100 loc CPU emulator using the existing code of ntoskrnl.exe☆70Updated last year
- x64 manual mapper using inline syscalls☆9Updated 3 years ago
- ☆77Updated 3 years ago