mike1k / ImportCallObfuscator
Obfuscate calls to imports by patching in stubs
☆64Updated 3 years ago
Related projects ⓘ
Alternatives and complementary repositories for ImportCallObfuscator
- PAGE_GUARD based hooking library☆40Updated 2 years ago
- A simple tool to assemble shellcode ready to be copy-pasted into code☆64Updated 2 years ago
- Discarded Section Manual Map☆66Updated 4 years ago
- hidden_syscall - syscaller without using syscall instruction in code☆58Updated last year
- Hygieia, a vulnerable driver traces scanner written in C++ as an x64 Windows kernel driver.☆136Updated 2 years ago
- Handling C++ & __try exceptions without the need of built-in handlers.☆65Updated 3 years ago
- C++ library for parsing and manipulating PE files statically and dynamically.☆87Updated last year
- based on https://github.com/secrary/Hooking-via-InstrumentationCallback☆67Updated 5 years ago
- A library to assist with memory & code protection.☆53Updated 8 months ago
- A basic demonstration of directly overwriting paging structures for physical memory r/w and interprocess memory copy☆80Updated last year
- Kernel ReClassEx☆63Updated last year
- DSE & PG bypass via BYOVD attack☆37Updated 7 months ago
- A devirtualization engine for Themida.☆91Updated 8 months ago
- Windows PDB parser for kernel-mode environment.☆90Updated last year
- A simple ida python script to find .data ptr☆47Updated last year
- POC Hook of nt!HvcallCodeVa☆50Updated last year
- Detect-KeAttachProcess by iterating through all processes as well as checking the context of the thread.☆110Updated 2 years ago
- ZeroImport is a lightweight and easy to use C++ library for Windows Kernel Drivers. It allows you to hide any import in your kernel drive…☆46Updated last year
- x64 Windows implementation of virtual-address to physical-address translation☆41Updated 3 years ago
- A proof of concept demonstrating instrumentation callbacks on Windows 10 21h1 with a TLS variable to ensure all syscalls are caught.☆117Updated 3 years ago
- Different aproaches to detecting EPT hooks☆84Updated 2 years ago
- PE-Dump-Fixer☆102Updated 4 years ago
- ☆50Updated 11 months ago
- nmi stackwalking + module verification☆91Updated 10 months ago
- Improved VMP Idea(detect anti-anti-debug tools by bug)☆40Updated last year
- x64 manual mapper using inline syscalls☆5Updated 3 years ago