zer0fl4g / DebugDetector
☆115Updated 12 years ago
Alternatives and similar repositories for DebugDetector:
Users that are interested in DebugDetector are comparing it to the libraries listed below
- Load a Windows Kernel Driver☆91Updated 7 years ago
- Windbg extension to find PatchGuard pages☆118Updated 10 years ago
- Bypassing code hooks detection in modern anti-rootkits via building faked PTE entries.☆75Updated 14 years ago
- Collection Of Anti-Debugging Tricks☆99Updated 9 years ago
- Open and generic Anti-Anti Reversing Framework. Works in 32 and 64 bits.☆64Updated 12 years ago
- Helper script for Windows kernel debugging with IDA Pro on VMware + GDB stub☆76Updated 12 years ago
- Elevation of privilege detector based on HyperPlatform☆120Updated 8 years ago
- MSI NTIOLib/WinIO Local Privilege Escalation exploit☆91Updated 8 years ago
- Multi-purpose proof-of-concept tool based on CPU-Z CVE-2017-15303☆109Updated 7 years ago
- Hidden kernel mode code execution for bypassing modern anti-rootkits.☆81Updated 14 years ago
- A tool to help malware analysts tell that the sample is injecting code into other process.☆76Updated 9 years ago
- A project that aims to automatically devirtualize code that has been virtualized using x86virt☆126Updated 2 years ago
- Hypervisor based tool for monitoring system register accesses.☆142Updated 6 years ago
- ☆80Updated 7 years ago
- ☆26Updated 10 years ago
- PatchGuard Research☆295Updated 6 years ago
- Intercept arbitrary functions at run-time, without knowing their typedefs☆87Updated 7 years ago
- Analyze and attack windows applications using dll hijacking vulnerabilities☆56Updated 5 years ago
- Stealth DLL injector☆86Updated 7 months ago
- Static unpacker for FinSpy VM☆99Updated 3 years ago
- x64dbg conditional branches logger [Plugin]☆71Updated 7 years ago
- A library for intercepting native functions by hooking KiFastSystemCall☆72Updated 4 years ago
- reverse engineering extension plugin for windbg☆115Updated 5 years ago
- VT-based PCI device monitor (SPI)☆151Updated 4 years ago
- qb-sync is an open source tool to add some helpful glue between IDA Pro and Windbg. Its core feature is to dynamically synchronize IDA's …☆119Updated 9 years ago
- MemoryRanger protects kernel data and code by running drivers and hosting data in isolated kernel enclaves using VT-x and EPT features. M…☆222Updated 4 years ago
- IDA script for vmprotect Windows Api address decoder☆51Updated 3 years ago
- IDA Plugin which decodes Windows Device I/O control code into DeviceType, FunctionCode, AccessType and MethodType.☆108Updated last year
- Retrieve pointers to undocumented kernel functions and offsets to members within undocumented structures to use in your driver by using t…☆53Updated 5 years ago
- codes for my blog post: https://secrary.com/Random/InstrumentationCallback/☆172Updated 7 years ago