Pinned Repositories
AetherVisor
Memory hacking library powered by AMD SVM
al-khaser
Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
Alcatraz
x64 binary obfuscator
android-inline-hook
:fire: ShadowHook is an Android inline hook library which supports thumb, arm32 and arm64.
anti-ransomware-minifilter
A minifilter driver for detecting and blocking ransomware
Anti-Rootkit
Windows Anti-Rootkit Tool
Anti-Rootkit-1
Windows Anti-Rootkit Tool
cpp-ipc
C++ IPC Library: a high-performance inter-process communication library using shared memory on Linux/Windows.
kernel-inline-hook
Linux kernel inline hook
windows-kernel-pagehook
Windows kernel page hook
stdhu's Repositories
stdhu/cpp-ipc
C++ IPC Library: a high-performance inter-process communication library using shared memory on Linux/Windows.
stdhu/al-khaser
Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
stdhu/Awesome-Backbones
Integrates deep learning models for image classification | backbone learning/comparison/modification project
stdhu/BlackLotus
BlackLotus UEFI Windows Bootkit
stdhu/Cerberus
A C++ tool to unstrip Rust/Go binaries (ELF and PE)
stdhu/efi-monitor
Just a proof of concept: hooking MmCopyMemory in a PG-safe way.
stdhu/EfiGuard
Disable PatchGuard and DSE at boot time
stdhu/enum_real_dirbase
Enumerate processes and page directory base addresses from MmPfnData
stdhu/ETWProcessMon2
ETWProcessMon2 monitors process/thread/memory/image-load/TCP-IP activity via ETW, with detection of remote-thread injection and in-memory payload detection based on VirtualMemAlloc events, etc.
stdhu/json
JSON for Modern C++
stdhu/kcrypt
An encryption library designed for Windows kernel and driver programming
stdhu/KernelDwm
Kernel DWM renderer
stdhu/oxgenPdb
A Windows kernel PDB parsing and downloading library that runs purely in kernel mode without any R3 (user-mode) programs.
stdhu/ProcessHider
Post-exploitation tool for hiding processes from monitoring applications
stdhu/qemu-anti-detection
A patch to hide qemu itself and bypass mhyprot, EAC, nProtect / VMProtect, VProtect, Themida, Enigma Protector, Safengine Shielden
stdhu/R3nzSkin
Skin changer for League of Legends (LOL)
stdhu/r77-rootkit
Fileless ring 3 rootkit with installer and persistence that hides processes, files, network connections, etc.
stdhu/ReadPhys
Read/write virtual memory without attaching to the process
stdhu/RmTools
Blue-team emergency response tools
stdhu/rules
Repository of yara rules
stdhu/Sandboxie
Sandboxie Plus & Classic
stdhu/SymbolicAccess
Static user/kernel mode library that allows access to all functions and global variables by extracting offsets from the PDB
stdhu/tp-emulator
A basic 100-LOC CPU emulator using the existing code of ntoskrnl.exe
stdhu/UEDumper
The all in one Unreal Engine Dumper and editor for UE 4.19 - 5.2
stdhu/unicorn-whpx
The cross-platform emulation framework unicorn is based on QEMU's TCG (Tiny Code Generator) mode and implements full-system virtualization without hardware virtualization support, providing CPU instruction emulation across platforms and architectures. This project is an experimental one by the author that uses the Windows Hypervisor Platform virtual machine mode to offer an alternative way of emulating CPU instructions: while keeping unicorn's original exported interfaces unchanged, it extends the underlying CPU emulation environment with the Hyper-V-backed Windows Hypervisor Platform API (which requires hardware virtualization support), yielding an emulation platform and debugger for x86 instruction-set binary programs.
stdhu/Valorant-External
Valorant Cheat | Aimbot + Esp + Skin Changer
stdhu/VMPilot
VMPilot: A Modern C++ Virtual Machine SDK
stdhu/vxlang-page
protector & obfuscator & code virtualizer
stdhu/xVMP
stdhu/xx_tvm