mohuihui / antispy
AntiSpy is a free but powerful antivirus and rootkit toolkit. It offers you the ability, with the highest privileges, to detect, analyze and restore various kernel modifications and hooks. With its assistance, you can easily spot and neutralize malware hidden from normal detectors.
☆1,097 Updated 3 years ago
Alternatives and similar repositories for antispy:
Users that are interested in antispy are comparing it to the libraries listed below
- Windows kernel security development ☆1,992 Updated 2 years ago
- 🇺🇦 Windows driver with usermode interface which can hide processes, file-system and registry objects, protect processes, etc. ☆1,884 Updated 2 years ago
- A free but powerful Windows kernel research tool. ☆2,496 Updated 5 months ago
- Hook system calls, context switches, page faults and more. ☆2,513 Updated last year
- Windows Object Explorer 64-bit ☆1,717 Updated last month
- Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-mem… ☆3,260 Updated 2 weeks ago
- Converts a DLL into EXE ☆807 Updated last year
- VirtualKD-Redux - A revival and modernization of VirtualKD ☆868 Updated 9 months ago
- Shellcode implementation of Reflective DLL Injection. Convert DLLs to position independent shellcode ☆2,251 Updated last year
- Driver loader for bypassing Windows x64 Driver Signature Enforcement ☆1,111 Updated 5 years ago
- Syscall Monitor is a system monitor program (like Sysinternal's Process Monitor) using Intel VT-X/EPT for Windows 7+ ☆736 Updated 7 years ago
- A library to load, manipulate, dump PE files. See also: https://github.com/hasherezade/libpeconv_tpl ☆1,189 Updated 3 weeks ago
- Turn off PatchGuard in real time for win7 (7600) ~ later ☆1,004 Updated 2 years ago
- Proof-of-concept Windows Driver for injecting DLL into user-mode processes using APC ☆1,206 Updated 10 months ago
- RpcView is a free tool to explore and decompile Microsoft RPC interfaces ☆961 Updated last year
- SuperDllHijack: A general DLL hijack technology, don't need to manually export the same function interface of the DLL, so easy! A general DLL hijacking tech… ☆938 Updated 3 years ago
- WinDBG Anti-RootKit Extension ☆626 Updated 4 years ago
- All reasonably stable tools ☆1,234 Updated 7 months ago
- Windows kernel hacking framework, driver template, hypervisor and API written in C++ ☆1,708 Updated last year
- Hiding kernel-driver for x86/x64. ☆2,241 Updated last month
- xAnalyzer plugin for x64dbg ☆1,071 Updated 3 years ago
- Some ways to inject a DLL into an alive process ☆359 Updated 6 years ago
- PE Tools - Portable executable (PE) manipulation toolkit ☆1,083 Updated 6 years ago
- Native API header files for the System Informer project. ☆1,146 Updated 2 weeks ago
- ☆807 Updated 5 years ago
- A Pin Tool for tracing API calls etc ☆1,399 Updated last month
- Windows System Explorer ☆848 Updated 10 months ago
- Universal PatchGuard and Driver Signature Enforcement Disable ☆839 Updated 6 years ago
- A basic Direct Kernel Object Manipulation rootkit that removes a process from the EPROCESS list, hiding it from the Task Manager ☆665 Updated 6 years ago
- Kernel Driver Utility ☆2,084 Updated 4 months ago