yawenok / SSDT-Hook
The Windows kernel SSDT hook demo
☆16 Nov 5, 2018 Updated 7 years ago
Alternatives and similar repositories for SSDT-Hook
Users that are interested in SSDT-Hook are comparing it to the libraries listed below
- An SSDT hook for Windows ☆62 Oct 27, 2017 Updated 8 years ago
- A simple implementation of an SSDT hook framework ☆14 Jun 9, 2016 Updated 9 years ago
- A minifilter driver for detecting and blocking ransomware virus ☆27 Mar 4, 2018 Updated 7 years ago
- Dumping ground for whatever IDA Pro scripts I write ☆16 Oct 9, 2016 Updated 9 years ago
- Malware analysis tool based on taint analysis. ☆14 Jan 29, 2022 Updated 4 years ago
- WinDbg debugger extension library providing various tools to analyse, dump and fix (restore) Microsoft Portable Executable files for both… ☆84 Aug 24, 2024 Updated last year
- What makes it page ☆17 Aug 24, 2022 Updated 3 years ago
- ☆10 Mar 30, 2016 Updated 9 years ago
- Kernel Shellcode to add all privileges in token ☆15 Mar 13, 2017 Updated 8 years ago
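- Sysark, short for system anti-rootkit, is a tool I wrote while learning kernel programming (code from 2013; it will not be updated further). Nearly all of its functionality is implemented in the kernel. It implements only part of the anti-rootkit functionality; as a tool I feel it is still incomplete, but it may be useful to someone for learning. It currently targets XP SP2,… ☆27 Dec 26, 2017 Updated 8 years ago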
- Simple tool for unpacking packed/protected malware executables. ☆32 Oct 27, 2011 Updated 14 years ago
- Automatically exported from code.google.com/p/hf-2011 ☆15 Feb 12, 2016 Updated 10 years ago
- A minifilter-based transparent encryptor on Windows. ☆30 Feb 27, 2017 Updated 8 years ago
- IDA script for extracting signatures ☆56 Nov 30, 2019 Updated 6 years ago
- A simple C library for entropy measurement of byte streams and other data. ☆14 Dec 9, 2019 Updated 6 years ago
- My manual analysis of malware families ☆13 Jul 12, 2017 Updated 8 years ago
- Archive from the article CVE-2015-5119 Flash ByteArray UaF: A beginner's walkthrough ☆13 Sep 10, 2015 Updated 10 years ago
- Plugins for Scylla ☆20 Sep 14, 2011 Updated 14 years ago
- File encryption based on DES and blowfish ☆15 May 29, 2025 Updated 8 months ago
- Adds some features globally to Windows windows. ☆21 May 1, 2019 Updated 6 years ago
- Final Transparent encrypted version ☆14 Jan 10, 2017 Updated 9 years ago
- hook system call that on user mode ☆12 Jan 27, 2022 Updated 4 years ago
- Some useful tools for all kinds of Embedded device. ☆11 Oct 12, 2015 Updated 10 years ago
- Anti-AV compilation ☆44 Oct 4, 2013 Updated 12 years ago
- azazel decompiler, ftrace function tracing, elfdemon code injection, lpv, skeksi, saruman virus, quenya process reconstruction ☆19 Aug 26, 2018 Updated 7 years ago
- Kernel-mode file scanner ☆19 Jul 16, 2018 Updated 7 years ago
- ☆13 Apr 30, 2020 Updated 5 years ago
- x64dbg scripts for finding OEP of packers ☆15 Oct 22, 2018 Updated 7 years ago
- How to write basic memory corruption exploits on Windows ☆28 Sep 14, 2016 Updated 9 years ago
- Simple command line version of Sysinternals WinObj. Currently just lists object names and types given an object manager directory. ☆22 Sep 4, 2023 Updated 2 years ago
- Emofishes is a collection of proof-of-concepts that help improve, bypass or detect virtualized execution environments (focusing on the on… ☆15 Jan 28, 2023 Updated 3 years ago
- Big Cousin's Syscall-Monitor ☆34 Jul 18, 2019 Updated 6 years ago
- Archive of ransomware decryptors ☆34 Dec 7, 2017 Updated 8 years ago
- IDA Pro Scripts ☆37 Feb 24, 2015 Updated 10 years ago
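- Bypasses Kaspersky proactive defense, loads a driver, and unhooks all SSDT hooks and shadow SSDT hooks ☆38 Sep 27, 2015 Updated 10 years ago
- A small project for process protection and process filtering; its main highlight is managing operating-system users from within the kernel ☆16 Nov 5, 2014 Updated 11 years ago
- Win7 APC injection; does not support Win10 ☆18 Mar 29, 2019 Updated 6 years ago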
- ☆36 Mar 22, 2017 Updated 8 years ago
- reverse engineering, visual binary analysis ☆24 Jan 9, 2017 Updated 9 years ago