mike1k / peppLinks
C++ library for parsing and manipulating PE files statically and dynamically.
☆88Updated last year
Alternatives and similar repositories for pepp
Users that are interested in pepp are comparing it to the libraries listed below
Sorting:
- Obfuscate calls to imports by patching in stubs☆69Updated 3 years ago
- unorthodox approach to analyze a trace, but this helped me get comfy with x64 instructions overall (excluding sse/avx/etc lol), cleared u…☆60Updated last year
- Ghetto user mode emulation of Windows kernel drivers.☆140Updated 8 months ago
- VM devirtualization PoC based on AsmJit and llvm☆114Updated 3 years ago
- Kernel driver for detecting Intel VT-x hypervisors.☆188Updated last year
- A basic 100 loc CPU emulator using the existing code of ntoskrnl.exe☆71Updated last year
- x64 syscall caller in C++.☆90Updated 7 years ago
- Intercepting DeviceControl via WPP☆134Updated 5 years ago
- Kernel ReClassEx☆62Updated last year
- A devirtualization engine for Themida.☆100Updated last year
- based on https://github.com/secrary/Hooking-via-InstrumentationCallback☆71Updated 5 years ago
- ☆145Updated 4 years ago
- nmi stackwalking + module verification☆124Updated last year
- Browse Page Tables on Windows (Page Table Viewer)☆210Updated 3 years ago
- Resolve DOS MZ executable symbols at runtime☆95Updated 3 years ago
- Windows PDB parser for kernel-mode environment.☆97Updated 2 weeks ago
- VMProtect, VMP, Devirter, 3,5☆107Updated 2 years ago
- A small tool for rapid enumeration of CPUID, and MSR fields.☆27Updated last year
- Binary rewriter for 64-bit PE files.☆76Updated last year
- A x86 CPU & Environment emulator for Windows user and kernel binaries.☆104Updated 2 weeks ago
- Detect-KeAttachProcess by iterating through all processes as well as checking the context of the thread.☆113Updated 3 years ago
- Some psuedo snippets from BattlEye's BEDaisy.sys loaded on Rainbow Six: Siege.☆124Updated 3 years ago
- Analyze patches in a process☆254Updated 3 years ago
- ☆53Updated 2 years ago
- A proof of concept demonstrating instrumentation callbacks on Windows 10 21h1 with a TLS variable to ensure all syscalls are caught.☆136Updated 3 years ago
- 🪝 Different aproaches to detecting EPT hooks☆112Updated 3 years ago
- Handling C++ & __try exceptions without the need of built-in handlers.☆71Updated 3 years ago
- Kernel Lazy Importer☆121Updated last year
- A portable header only library extending the C++20 STL.☆78Updated last year
- A PoC for requesting HWIDs directly from hardware, skipping any potential hooks or OS support.☆80Updated 4 years ago