vxcall / ZwDetectMemoryRead
neat way to detect memory read using nt layer function.
☆14Updated last year
Alternatives and similar repositories for ZwDetectMemoryRead:
Users that are interested in ZwDetectMemoryRead are comparing it to the libraries listed below
- ☆27Updated 2 years ago
- Hijack NotifyRoutine for a kernelmode thread☆41Updated 2 years ago
- ☆21Updated last year
- ☆12Updated 2 years ago
- ☆30Updated last year
- Walks through the 4-level paging structures in Windows x64☆13Updated 2 years ago
- ☆24Updated last year
- Open Anti Cheat☆27Updated 2 years ago
- ☆19Updated 2 years ago
- UnknownField is a tool based clang that obfuscating the order of fields to protect your C/C++ game or code.☆44Updated 2 years ago
- ☆18Updated last year
- VEH debug plugin☆14Updated 2 years ago
- it's a driver injector or driver loader header lib(Windows)☆12Updated last year
- IO隐藏通信封装☆15Updated 3 years ago
- ☆16Updated 2 years ago
- Patches DSE by swapping both data ptrs located in SeValidateImageHeader && SeValidateImageData☆19Updated last year
- use ce driver, kernel library.☆14Updated 2 years ago
- direct systemcalls with a modern c++20 interface.☆42Updated 2 years ago
- A poc that abuses Enclave☆36Updated 2 years ago
- Stealing signatures from pe files☆16Updated 2 years ago
- Logging library for kernel drivers written for the Windows NT operating system.☆19Updated 2 weeks ago
- Walks the Process' VAD list to grab the PTE's corresponding to a usermode virtual address, all to get the physical address☆24Updated 3 years ago
- pdb's function and global vars to offset☆10Updated last year
- detect hypervisor with Nmi Callback☆34Updated 2 years ago
- Some crazy PE executables protection kernel driver☆18Updated 4 years ago
- windows kernel pagehook☆38Updated 2 years ago
- Protected Process Light Library☆18Updated 4 years ago
- Not mine. Only for saving☆22Updated 2 years ago
- VT调试器插件搭配的CE☆21Updated 2 years ago
- 对debughelp的二次开发☆11Updated 2 years ago