mohuihui / antispy
AntiSpy is a free but powerful anti virus and rootkits toolkit.It offers you the ability with the highest privileges that can detect,analyze and restore various kernel modifications and hooks.With its assistance,you can easily spot and neutralize malwares hidden from normal detectors.
☆1,094Updated 4 years ago
Alternatives and similar repositories for antispy:
Users that are interested in antispy are comparing it to the libraries listed below
- windows kernel security development☆1,997Updated 2 years ago
- SuperDllHijack:A general DLL hijack technology, don't need to manually export the same function interface of the DLL, so easy! 一种通用Dll劫持技…☆940Updated 3 years ago
- A free but powerful Windows kernel research tool.☆2,508Updated 6 months ago
- 🇺🇦 Windows driver with usermode interface which can hide processes, file-system and registry objects, protect processes and etc☆1,894Updated 2 years ago
- Windows Object Explorer 64-bit☆1,742Updated 2 weeks ago
- Some ways to inject a DLL into a alive process☆360Updated 7 years ago
- hijack dll Source Code Generator. support x86/x64☆791Updated 4 years ago
- Syscall Monitor is a system monitor program (like Sysinternal's Process Monitor) using Intel VT-X/EPT for Windows7+☆738Updated 7 years ago
- Hiding kernel-driver for x86/x64.☆2,272Updated 2 months ago
- Hook system calls, context switches, page faults and more.☆2,525Updated last year
- Turn off PatchGuard in real time for win7 (7600) ~ later☆1,011Updated 3 years ago
- VirtualKD-Redux - A revival and modernization of VirtualKD☆880Updated 10 months ago
- PE Tools - Portable executable (PE) manipulation toolkit☆1,092Updated 7 years ago
- Universal PatchGuard and Driver Signature Enforcement Disable☆840Updated 6 years ago
- Driver loader for bypassing Windows x64 Driver Signature Enforcement☆1,113Updated 5 years ago
- Plugin manager for x64dbg☆850Updated this week
- A basic Direct Kernel Object Manipulation rootkit that removes a process from the EPROCESS list, hiding it from the Task Manager☆670Updated 6 years ago
- A static devirtualizer for VMProtect x64 3.x. powered by VTIL.☆2,006Updated 3 years ago
- Protected Processes Light Killer☆924Updated 2 years ago
- xAnalyzer plugin for x64dbg☆1,078Updated 3 years ago
- Monitoring and controlling kernel API calls with stealth hook using EPT☆1,238Updated 3 years ago
- A dynamic VMP dumper and import fixer, powered by VTIL.☆1,217Updated 4 years ago
- proof-of-concept Windows Driver for injecting DLL into user-mode processes using APC☆1,209Updated 11 months ago
- iMonitor(冰镜 - 终端行为分析系统)☆747Updated 5 months ago
- WinDBG Anti-RootKit Extension☆628Updated 4 years ago
- Shellcode implementation of Reflective DLL Injection. Convert DLLs to position independent shellcode☆2,263Updated last year
- 在Windows环境下的进程注入方法:远程线程注入、创建进程挂起注入、反射注入、APCInject、SetWindowHookEX注入☆655Updated 6 years ago
- Windows kernel hacking framework, driver template, hypervisor and API written on C++☆1,720Updated last year
- Helper library for x86 programs that runs under WOW64 layer on x64 versions of Microsoft Windows operating systems.☆966Updated 2 years ago
- Hook system calls on Windows by using Kaspersky's hypervisor☆1,165Updated last year