skadro-official / PE-Dump-Fixer
PE-Dump-Fixer
☆102Updated 4 years ago
Related projects ⓘ
Alternatives and complementary repositories for PE-Dump-Fixer
- Attempts to decrypt JM Xorstr in some x64 binaries☆50Updated last year
- Obfuscate calls to imports by patching in stubs☆64Updated 3 years ago
- Hygieia, a vulnerable driver traces scanner written in C++ as an x64 Windows kernel driver.☆136Updated 2 years ago
- Kernel Lazy Importer☆111Updated 7 months ago
- A proof of concept demonstrating instrumentation callbacks on Windows 10 21h1 with a TLS variable to ensure all syscalls are caught.☆117Updated 3 years ago
- unorthodox approach to analyze a trace, but this helped me get comfy with x64 instructions overall (excluding sse/avx/etc lol), cleared u…☆52Updated 9 months ago
- A PoC for requesting HWIDs directly from hardware, skipping any potential hooks or OS support.☆77Updated 3 years ago
- Some usefull info when reverse engineering Kernel Mode Anti-Cheat☆67Updated last year
- Kernel driver for detecting Intel VT-x hypervisors.☆170Updated last year
- A simple ida python script to find .data ptr☆47Updated last year
- nmi stackwalking + module verification☆91Updated 10 months ago
- Standard Kernel Library for Windows hacking in C++☆89Updated 3 months ago
- based on https://github.com/secrary/Hooking-via-InstrumentationCallback☆67Updated 5 years ago
- Discarded Section Manual Map☆66Updated 4 years ago
- C++ library for parsing and manipulating PE files statically and dynamically.☆87Updated last year
- Handling C++ & __try exceptions without the need of built-in handlers.☆65Updated 3 years ago
- Different aproaches to detecting EPT hooks☆84Updated 2 years ago
- Detect-KeAttachProcess by iterating through all processes as well as checking the context of the thread.☆110Updated 2 years ago
- a minimalistic windows hypervisor for amd processors☆98Updated 2 years ago
- ☆139Updated 3 years ago
- A proof of concept demonstrating communication via mapped shared memory structures between a user-mode process and a kernel-mode payload …☆74Updated 3 years ago
- Kernel ReClassEx☆63Updated last year
- Some psuedo snippets from BattlEye's BEDaisy.sys loaded on Rainbow Six: Siege.☆121Updated 2 years ago
- Windows PDB parser for kernel-mode environment.☆90Updated last year
- game dumper☆40Updated 4 years ago
- A basic demonstration of directly overwriting paging structures for physical memory r/w and interprocess memory copy☆80Updated last year
- A simple tool to assemble shellcode ready to be copy-pasted into code☆64Updated 2 years ago
- ☆89Updated 3 weeks ago