whitephone / Windows-RootkitsLinks
☆26Updated 7 years ago
Alternatives and similar repositories for Windows-Rootkits
Users that are interested in Windows-Rootkits are comparing it to the libraries listed below
Sorting:
- Protected Process Light Library☆18Updated 4 years ago
- For Example. See Miro's Blog☆30Updated 2 years ago
- map driver to memory☆25Updated 6 years ago
- Driver Loader/BE Bypass/Win Malware(lol)☆34Updated 5 years ago
- ☆35Updated 4 years ago
- Polymorphic Stub Creator☆33Updated 7 years ago
- Example of hijacking system calls via function pointer tables☆31Updated 3 years ago
- ☆24Updated 6 years ago
- Walks the Process' VAD list to grab the PTE's corresponding to a usermode virtual address, all to get the physical address☆24Updated 3 years ago
- What makes it page☆16Updated 2 years ago
- Demo List cm/ps/ob/minifilter callback And Patch/Bypass it☆28Updated 7 years ago
- x64 Kernel Hooks Detection☆24Updated 8 years ago
- win32/x64 obfuscate framework☆32Updated 6 years ago
- using gpuz to load driver☆33Updated 6 years ago
- Скрытие строки от отладчиков и декомпиляторов☆50Updated 5 years ago
- x86/x64 dll injector☆30Updated 3 years ago
- Another method to anti ThreadHideFromDebugger☆36Updated 6 years ago
- Map memory to user space and manipulate user memory, using capmon☆23Updated 6 years ago
- 粗暴地枚举管理内核的WFP对象。 Manage kernel WFPs in a brutal way.☆27Updated 7 years ago
- a simple intel vt code both support x86 & x64. PatchGuard monitor.☆75Updated 3 years ago
- windows inlinehook R3 R0☆11Updated 7 years ago
- Load Dll into Kernel space☆38Updated 2 years ago
- ☆47Updated 7 years ago
- fork HoShiMin Avanguard☆19Updated 6 years ago
- Some crazy PE executables protection kernel driver☆18Updated 5 years ago
- ☆23Updated 7 years ago
- intel vt-x hypervisor ept☆25Updated 5 years ago
- PEBFake(修改PEB 伪装当前进程路径、参数等)☆51Updated 4 years ago
- ☆31Updated 4 years ago
- kernel-mode TDI client which can send and receive HTTP requests☆55Updated 6 years ago