Pinned Repositories
360Safe
Reverse-engineered code of the 360 ("big number") driver
ac
kernel mode anti cheat
DLLThreadInjectionDetector
enum_real_dirbase
Enumerate processes and page directory base addresses from MmPfnData
InfinityHook_latest
etw hook (syscall/infinity hook) compatible with the latest Windows version of PG
mutante
Kernel-mode Windows HWID spoofer
POLYGON
POLYGON ESP (wallhack) cheat source code
SCUM
SCUM internal cheat (offsets need updating)
WindowProtect
ETW hook on the window-lookup kernel functions to implement window protection; works on Win10
xx_tvm
Peter-Zheng-Sp's Repositories
Peter-Zheng-Sp/syser
syser debugger x32/x64 ring3 with source level debugging/watch view/struct view
Peter-Zheng-Sp/plusaes
Header only C++ AES cipher library
Peter-Zheng-Sp/AES
C++ AES implementation
Peter-Zheng-Sp/Pretend_HideVirtualMemory
Pseudo-hiding of virtual memory using physical memory mapping
Peter-Zheng-Sp/NtSocket_NtClient_NtServer
Using NtCreateFile and NtDeviceIoControlFile to implement the functionality of winsock
Peter-Zheng-Sp/ADVobfuscator
Obfuscation library based on C++11/14 and metaprogramming
Peter-Zheng-Sp/SysWhispers2
AV/EDR evasion via direct system calls.
Peter-Zheng-Sp/CallMeWin32kDriver
Load your driver like win32k.sys
Peter-Zheng-Sp/KACE
Emulate Drivers in RING3 with self context mapping or unicorn
Peter-Zheng-Sp/lazy_importer
library for importing functions from dlls in a hidden, reverse engineer unfriendly way
Peter-Zheng-Sp/Hades-Windows
Hades HIDS/EDR for Windows
Peter-Zheng-Sp/NoScreen
Hiding the window from screenshots using the function win32kfull::GreProtectSpriteContent
Peter-Zheng-Sp/x64_remotecall
Perform remote calls in x64
Peter-Zheng-Sp/BeaconHunter
Detect and respond to Cobalt Strike beacons using ETW.
Peter-Zheng-Sp/GPU_ShellCode
Peter-Zheng-Sp/NeacSafe-Analysis
Not mine. Only for saving
Peter-Zheng-Sp/ExtremeInjector
Peter-Zheng-Sp/D2DOverlay
Easy to use overlay using Direct2d
Peter-Zheng-Sp/kmtest
Kernel-mode C++ unit testing framework in BDD-style
Peter-Zheng-Sp/DoubleCallBack
Peter-Zheng-Sp/LIEF
LIEF - Library to Instrument Executable Formats
Peter-Zheng-Sp/EASY-HWID-SPOOFER
Kernel-mode hardware information spoofing tool
Peter-Zheng-Sp/veh_hide_memory
Peter-Zheng-Sp/dwm-screen-shot
Inject shellcode into dwm.exe to capture the screen
Peter-Zheng-Sp/MemoryVirtualization
Peter-Zheng-Sp/windows-ps-callbacks-experiments
Files for http://blog.deniable.org/posts/windows-callbacks/
Peter-Zheng-Sp/Osiris
Free open-source game cheat for Counter-Strike: Global Offensive, written in modern C++. GUI powered by Dear ImGui.
Peter-Zheng-Sp/Advanced-Process-Injection-Workshop
Peter-Zheng-Sp/RefleXXion
RefleXXion is a utility designed to aid in bypassing user-mode hooks utilised by AV/EPP/EDR etc. In order to bypass the user-mode hooks, it first collects the syscall numbers of the NtOpenFile, NtCreateSection, NtOpenSection and NtMapViewOfSection found in the LdrpThunkSignature array.
Peter-Zheng-Sp/DwmDraw
Draw on the DWM desktop without using ring-3 hooks