nihilboy / anti
Automated Integration of anti-Reversing methods in PE executables
☆48Updated 6 years ago
Related projects ⓘ
Alternatives and complementary repositories for anti
- Bypassing code hooks detection in modern anti-rootkits via building faked PTE entries.☆73Updated 13 years ago
- An automatic tool for fixing dumped PE files☆41Updated 4 years ago
- Retrieve pointers to undocumented kernel functions and offsets to members within undocumented structures to use in your driver by using t…☆53Updated 5 years ago
- fix vmprotect import function used unicorn-engine.☆92Updated last year
- Obfuscate calls to imports by patching in stubs☆64Updated 3 years ago
- Resolve DOS MZ executable symbols at runtime☆93Updated 3 years ago
- based on https://github.com/secrary/Hooking-via-InstrumentationCallback☆67Updated 5 years ago
- x64 syscall caller in C++.☆84Updated 6 years ago
- codes for my blog post: https://secrary.com/Random/InstrumentationCallback/☆169Updated 6 years ago
- ☆66Updated 3 years ago
- C++ library for parsing and manipulating PE files statically and dynamically.☆87Updated last year
- PoC for detecting and dumping code injection (built and extended on UnRunPE)☆54Updated 6 years ago
- Al-khaser is a PoC malware with good intentions that aimes to stress your malware analysis / sandbox environement☆31Updated 10 years ago
- Manual PE image mapper☆61Updated 11 years ago
- Code injection by hijacking threads in Windows 32-bit applications☆43Updated 6 years ago
- ☆63Updated 6 years ago
- File system minifilter driver for Windows to block symbolic link attacks.☆51Updated 3 years ago
- (DEPRECATED) A simple anti-anti debug library for Windows��☆29Updated 4 years ago
- LSASS INJECTOR☆33Updated 5 years ago
- ☆121Updated 4 years ago
- An example of a client and server using Windows' ALPC functions to send and receive data.☆89Updated 4 years ago
- Helper script for Windows kernel debugging with IDA Pro on VMware + GDB stub (including PDB symbols)☆61Updated last year
- This is a simple driver with x64 inline assembly☆53Updated 4 years ago
- Takes a Windbg dumped structure (using the 'dt' command) and formats it into a C structure☆33Updated 4 months ago
- Different aproaches to detecting EPT hooks☆84Updated 2 years ago
- Simple PE Packer Which Encrypts .text Section☆49Updated 7 years ago
- Шаблон полнофункционального драйвера и обёртки над ядерным API☆110Updated 8 years ago
- Polymorphic Stub Creator☆30Updated 7 years ago
- Standalone program to download PDB Symbol files for debugging without WDK☆73Updated 5 years ago
- A documented Windows x64 bit Usermode Injector that works via hooking IAT and hijacking its threads to execute shellcode.☆63Updated last year