mohuihui / antispy
AntiSpy is a free but powerful anti-virus and rootkit toolkit. It offers you the ability, with the highest privileges, to detect, analyze and restore various kernel modifications and hooks. With its assistance, you can easily spot and neutralize malware hidden from normal detectors.
☆1,089 Updated 3 years ago
Related projects
Alternatives and complementary repositories for antispy
- windows kernel security development ☆1,956 Updated 2 years ago
- Hook system calls, context switches, page faults and more. ☆2,423 Updated last year
- Windows process injection methods ☆142 Updated last year
- 🇺🇦 Windows driver with usermode interface which can hide processes, file-system and registry objects, protect processes, etc. ☆1,827 Updated 2 years ago
- A free but powerful Windows kernel research tool. ☆2,425 Updated last month
- Hiding kernel-driver for x86/x64. ☆2,122 Updated 10 months ago
- VirtualKD-Redux - A revival and modernization of VirtualKD ☆820 Updated 4 months ago
- A Pin Tool for tracing API calls etc ☆1,301 Updated 3 weeks ago
- Windows Object Explorer 64-bit ☆1,648 Updated last month
- xAnalyzer plugin for x64dbg ☆1,019 Updated 3 years ago
- A static devirtualizer for VMProtect x64 3.x. powered by VTIL. ☆1,957 Updated 3 years ago
- A library to load, manipulate, dump PE files. See also: https://github.com/hasherezade/libpeconv_tpl ☆1,117 Updated 2 weeks ago
- Some ways to inject a DLL into a live process ☆353 Updated 6 years ago
- SuperDllHijack: A general DLL hijack technology, don't need to manually export the same function interface of the DLL, so easy! A general DLL hijacking tech… ☆902 Updated 3 years ago
- Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-mem… ☆3,104 Updated 2 weeks ago
- Plugin manager for x64dbg ☆811 Updated this week
- proof-of-concept Windows Driver for injecting DLL into user-mode processes using APC ☆1,137 Updated 6 months ago
- Shellcode implementation of Reflective DLL Injection. Convert DLLs to position independent shellcode ☆2,122 Updated last year
- Unicorn PE is a unicorn-based instrumentation project designed to emulate code execution for windows PE files. ☆787 Updated 6 months ago
- hijack dll Source Code Generator. support x86/x64 ☆736 Updated 3 years ago
- Turn off PatchGuard in real time for win7 (7600) ~ later ☆984 Updated 2 years ago
- A basic Direct Kernel Object Manipulation rootkit that removes a process from the EPROCESS list, hiding it from the Task Manager ☆646 Updated 5 years ago
- Monitoring and controlling kernel API calls with stealth hook using EPT ☆1,166 Updated 2 years ago
- RpcView is a free tool to explore and decompile Microsoft RPC interfaces ☆928 Updated last year
- A curated list of IDA x64DBG, Ghidra and OllyDBG plugins. ☆1,279 Updated 5 months ago
- A dynamic VMP dumper and import fixer, powered by VTIL. ☆1,154 Updated 4 years ago
- Linker/Compiler/Tool detector for Windows, Linux and MacOS. ☆526 Updated this week
- Protected Processes Light Killer ☆889 Updated last year
- Windows kernel hacking framework, driver template, hypervisor and API written on C++ ☆1,677 Updated last year