Pinned Repositories
360Safe
Reverse-engineered code of the 360 (大数字) driver
ac
Kernel-mode anti-cheat
DLLThreadInjectionDetector
enum_real_dirbase
Enumerate processes and their page directory base addresses (DirBase) from MmPfnData
InfinityHook_latest
ETW hook (syscall / InfinityHook) compatible with PatchGuard (PG) on the latest Windows versions
mutante
Kernel-mode Windows HWID spoofer
POLYGON
POLYGON ESP (wallhack) cheat source code
SCUM
SCUM internal cheat (offsets need updating)
WindowProtect
ETW hook that locates the window-related kernel functions to implement window protection; for Win10
xx_tvm
Peter-Zheng-Sp's Repositories
Peter-Zheng-Sp/ADVobfuscator
Obfuscation library based on C++11/14 and metaprogramming
Peter-Zheng-Sp/AES
C++ AES implementation
Peter-Zheng-Sp/Alcatraz
x64 binary obfuscator
Peter-Zheng-Sp/Android-reverse
Scripts for Android reverse engineering
Peter-Zheng-Sp/BeaconHunter
Detect and respond to Cobalt Strike beacons using ETW.
Peter-Zheng-Sp/CallMeWin32kDriver
Load your driver like win32k.sys
Peter-Zheng-Sp/ETWProcessMon2
ETWProcessMon2 monitors process, thread, memory, image-load and TCP/IP events via ETW, and detects remote thread injection and in-memory payloads from VirtualMemAlloc events.
Peter-Zheng-Sp/Hades-Windows
Hades HIDS/EDR for Windows
Peter-Zheng-Sp/Hook-KdTrap
Peter-Zheng-Sp/hvmi
Hypervisor Memory Introspection Core Library
Peter-Zheng-Sp/HyperDbg
State-of-the-art native debugging tool
Peter-Zheng-Sp/InfinityHookPro
InfinityHookPro, Win7 -> latest Win11
Peter-Zheng-Sp/InfinityHookProEx
This is an extension to InfinityHookPro to support physical machine environments. (Win7 -> Win11 latest)
Peter-Zheng-Sp/Kernel-Bridge
Windows kernel hacking framework, driver template, hypervisor and API written in C++
Peter-Zheng-Sp/lazy_importer
Library for importing functions from DLLs in a hidden, reverse-engineer-unfriendly way
Peter-Zheng-Sp/NEPS
Bloat-free CS:GO multihack for Windows, based on Osiris. You should probably give it a go, as it was in development for about 2 years. Formerly a griefing cheat that developed into a semi-rage multihack, with many features added, bugs fixed, things optimized and more!
Peter-Zheng-Sp/NoScreen
Hiding the window from screenshots using the function win32kfull::GreProtectSpriteContent
Peter-Zheng-Sp/ntoskrnl_file_collection
Collect various versions of ntoskrnl files
Peter-Zheng-Sp/NtSocket_NtClient_NtServer
Using NtCreateFile and NtDeviceIoControlFile to implement Winsock functionality
Peter-Zheng-Sp/pinduoduo_backdoor
Analysis of the privilege-escalation code embedded in the Pinduoduo APK and its dynamically delivered DEX
Peter-Zheng-Sp/plusaes
Header only C++ AES cipher library
Peter-Zheng-Sp/Pretend_HideVirtualMemory
Pseudo-hiding of virtual memory via physical memory mapping
Peter-Zheng-Sp/query-pdb
query-pdb is server-side software for parsing PDB files; it provides an online PDB parsing service.
Peter-Zheng-Sp/r77-rootkit
Fileless ring 3 rootkit with installer and persistence that hides processes, files, network connections, etc.
Peter-Zheng-Sp/syser
Syser debugger, x86/x64 ring 3, with source-level debugging, watch view and struct view
Peter-Zheng-Sp/SysWhispers2
AV/EDR evasion via direct system calls.
Peter-Zheng-Sp/v8pp
Bind C++ functions and classes into V8 JavaScript engine
Peter-Zheng-Sp/VmwareHardenedLoader
VMware hardened-VM loader that mitigates VM detection (anti-anti-VM)
Peter-Zheng-Sp/VmWareThrough
VmWareThrough
Peter-Zheng-Sp/x64_remotecall
Perform remote calls in x64