skadro-official / PE-Dump-Fixer
PE-Dump-Fixer
☆100Updated 4 years ago
Related projects ⓘ
Alternatives and complementary repositories for PE-Dump-Fixer
- Detect-KeAttachProcess by iterating through all processes as well as checking the context of the thread.☆110Updated 2 years ago
- Obfuscate calls to imports by patching in stubs☆64Updated 3 years ago
- Hygieia, a vulnerable driver traces scanner written in C++ as an x64 Windows kernel driver.☆135Updated 2 years ago
- based on https://github.com/secrary/Hooking-via-InstrumentationCallback☆67Updated 5 years ago
- A proof of concept demonstrating instrumentation callbacks on Windows 10 21h1 with a TLS variable to ensure all syscalls are caught.☆117Updated 2 years ago
- ☆81Updated last week
- unorthodox approach to analyze a trace, but this helped me get comfy with x64 instructions overall (excluding sse/avx/etc lol), cleared u…☆52Updated 9 months ago
- C++ library for parsing and manipulating PE files statically and dynamically.☆83Updated last year
- Some usefull info when reverse engineering Kernel Mode Anti-Cheat☆67Updated last year
- Different aproaches to detecting EPT hooks☆84Updated 2 years ago
- A proof of concept demonstrating communication via mapped shared memory structures between a user-mode process and a kernel-mode payload …☆74Updated 3 years ago
- Kernel ReClassEx☆62Updated 11 months ago
- Check your detection vectors☆136Updated last year
- Kernel driver for detecting Intel VT-x hypervisors.☆170Updated last year
- Standard Kernel Library for Windows hacking in C++☆82Updated 2 months ago
- Kernel Lazy Importer☆109Updated 6 months ago
- A PoC for requesting HWIDs directly from hardware, skipping any potential hooks or OS support.☆77Updated 3 years ago
- Some psuedo snippets from BattlEye's BEDaisy.sys loaded on Rainbow Six: Siege.☆122Updated 2 years ago
- Kernel driver that uses Shared memory to communicate with UserMode☆83Updated 5 years ago
- a minimalistic windows hypervisor for amd processors☆98Updated 2 years ago
- nmi stackwalking + module verification☆85Updated 10 months ago
- reverse engineering of bedaisy.sys (battleyes kernel driver) - Aki2k/BEDaisy☆59Updated 4 years ago
- Attempts to decrypt JM Xorstr in some x64 binaries☆50Updated last year
- A simple ida python script to find .data ptr☆46Updated last year
- A lightweight BattlEye emulator of the launcher☆57Updated 2 years ago
- A devirtualization engine for Themida.☆91Updated 8 months ago
- DSE & PG bypass via BYOVD attack☆37Updated 7 months ago
- Handling C++ & __try exceptions without the need of built-in handlers.☆65Updated 3 years ago