miketestz / ScyllaHide_VMPHeavensgateBypass
Advanced usermode anti-anti-debugger. Forked from https://bitbucket.org/NtQuery/scyllahide
☆18Updated last year
Related projects ⓘ
Alternatives and complementary repositories for ScyllaHide_VMPHeavensgateBypass
- A project on the Unicorn emulator to emulate the code of Pe files in windows☆19Updated last month
- ☆21Updated last year
- ☆18Updated 2 years ago
- Patches DSE by swapping both data ptrs located in SeValidateImageHeader && SeValidateImageData☆19Updated 9 months ago
- POC Hook of nt!HvcallCodeVa☆49Updated last year
- A Dynamic Study Vmprotect 1.x-1.9X Unpacking Toolkit, Recovery OEP, FIX PE, IAT and bypass protection with custom Loader and interceptor …☆30Updated last year
- Fully UD On EAC Now Enjoy Pasters :)☆15Updated last year
- VMP Mutation API Fix☆38Updated 2 years ago
- PoC over some VMP features☆16Updated 9 months ago
- ☆12Updated 2 years ago
- PAGE_GUARD based hooking library☆39Updated 2 years ago
- A Vulnerable PatchGuard Exploit that can be used to disable PatchGuard on Runtime.☆14Updated 4 months ago
- Kernel Level NMI Callback Blocker☆29Updated 2 months ago
- Execute anything in a legit memory region by attacking a windows driver☆20Updated last year
- PE Header (.rdata,.data,.text) obsfucation☆32Updated 2 years ago
- A simple present scene, kernel allocation injector.☆23Updated 2 years ago
- Illustrates the concept of return address spoofing, and how it is used.☆14Updated 4 years ago
- ☆20Updated 9 months ago
- ntoskrnl .data hooks for UM-KM communication☆34Updated 5 months ago
- PoC kernel to usermode injection☆56Updated 8 months ago
- Freeze target threads (external - internal ) by avoiding SuspendThread detections. Or access registers from start address.☆29Updated 7 months ago
- ☆28Updated last year
- POC kernel driver with hidden system thread☆12Updated 5 months ago
- sample bypass anti-anti-debug tool by race condition☆25Updated 2 years ago
- ☆28Updated last year
- A simple MmCopyMemory hook.☆33Updated 2 years ago