mike1k / ImportCallObfuscatorLinks
Obfuscate calls to imports by patching in stubs
☆69Updated 3 years ago
Alternatives and similar repositories for ImportCallObfuscator
Users that are interested in ImportCallObfuscator are comparing it to the libraries listed below
Sorting:
- C++ library for parsing and manipulating PE files statically and dynamically.☆88Updated last year
- based on https://github.com/secrary/Hooking-via-InstrumentationCallback☆71Updated 5 years ago
- A simple tool to assemble shellcode ready to be copy-pasted into code☆68Updated 3 years ago
- PAGE_GUARD based hooking library☆46Updated 2 years ago
- x64 syscall caller in C++.☆90Updated 7 years ago
- hidden_syscall - syscaller without using syscall instruction in code☆61Updated 2 years ago
- Handling C++ & __try exceptions without the need of built-in handlers.☆71Updated 3 years ago
- Kernel ReClassEx☆62Updated last year
- Detect-KeAttachProcess by iterating through all processes as well as checking the context of the thread.☆113Updated 3 years ago
- PE-Dump-Fixer☆108Updated 5 years ago
- unorthodox approach to analyze a trace, but this helped me get comfy with x64 instructions overall (excluding sse/avx/etc lol), cleared u…☆60Updated last year
- reverse engineering of bedaisy.sys (battleyes kernel driver) - Aki2k/BEDaisy☆84Updated 4 years ago
- Binary rewriter for 64-bit PE files.☆76Updated last year
- Hygieia, a vulnerable driver traces scanner written in C++ as an x64 Windows kernel driver.☆145Updated 3 years ago
- fix vmprotect import function used unicorn-engine.☆93Updated 2 years ago
- Discarded Section Manual Map☆68Updated 5 years ago
- Some usefull info when reverse engineering Kernel Mode Anti-Cheat☆71Updated 2 years ago
- A PoC for requesting HWIDs directly from hardware, skipping any potential hooks or OS support.☆80Updated 4 years ago
- Improved VMP Idea(detect anti-anti-debug tools by bug)☆45Updated 2 years ago
- Windows PDB parser for kernel-mode environment.☆97Updated 2 weeks ago
- x64 manual mapper using inline syscalls☆9Updated 3 years ago
- A devirtualization engine for Themida.☆100Updated last year
- Demystifying PatchGuard is a comprehensive analysis of Microsoft's security feature called PatchGuard, which is designed to prevent unaut…☆122Updated 2 years ago
- A library to assist with memory & code protection.☆59Updated last year
- nmi stackwalking + module verification☆124Updated last year
- Ghetto user mode emulation of Windows kernel drivers.☆140Updated 8 months ago
- Attempts to decrypt JM Xorstr in some x64 binaries☆55Updated 2 years ago
- Bypassing EasyAntiCheat.sys self-integrity by abusing call hierarchy☆81Updated 2 years ago
- This project will give you an example how you can hook a kernel vtable function that cannot be directly called☆82Updated 3 years ago
- Some psuedo snippets from BattlEye's BEDaisy.sys loaded on Rainbow Six: Siege.☆124Updated 3 years ago