/ScyllaHideDetector2

Allows you to find the use of ScyllaHide, if your program will debug and restore hooking functions bytes.

Primary LanguageC++GNU General Public License v3.0GPL-3.0

ScyllaHide Detector V2

Allows you to find the use of ScyllaHide, if your program will debug and restore bytes.

TODO

  • win32u.dll
  • support x86

Done

  • NtSetInformationThread
  • NtSetInformationProcess
  • NtQuerySystemInformation
  • NtQueryInformationProcess
  • NtQueryObject
  • NtYieldExecution
  • NtCreateThreadEx
  • NtSetDebugFilterState
  • NtClose
  • NtQueryPerformanceCounter
  • NtGetContextThread
  • NtQuerySystemTime
  • GetTickCount
  • GetTickCount64
  • OutputDebugStringA
  • GetLocalTime
  • GetSystemTime

Screenshots

Normal

Detection

Debugger

Restore bytes (after execution program)

Restore bytes

Thanks

hiddy (inject.ws russian re forum)