Pinned Repositories
Code-virtualization-and-automation-analysis
Code virtualization and automated analysis
dwm-screen-shot
Injects shellcode into dwm.exe to capture the screen
Full-Hwid-Spoofer-2023
The present offering manifests as a potent and intuitive hardware ID (HWID) spoofer meticulously tailored for the Windows 10 and Windows 11 operating systems. Rigorous testing and successful deployment have ascertained seamless compatibility with both AMD and Intel CPUs and motherboards.
GhostDbg
Noninvasive debugging plugin for X64Dbg
IDA-VMware-GDB
Helper script for Windows kernel debugging with IDA Pro on VMware + GDB stub
NoMercy
Open source anti cheat
rewolf-x86-virtualizer
Simple VM-based x86 PE (portable executable) protector.
Self-Remapping-Code
This program remaps its image to prevent the page protection of pages contained in the image from being modified via NtProtectVirtualMemory.
ShellcodeCompiler
Shellcode Compiler
TDL
Driver loader for bypassing Windows x64 Driver Signature Enforcement
wonderzdh's Repositories
wonderzdh/Full-Hwid-Spoofer-2023
The present offering manifests as a potent and intuitive hardware ID (HWID) spoofer meticulously tailored for the Windows 10 and Windows 11 operating systems. Rigorous testing and successful deployment have ascertained seamless compatibility with both AMD and Intel CPUs and motherboards.
wonderzdh/dwm-screen-shot
Injects shellcode into dwm.exe to capture the screen
wonderzdh/SyscallHook
System call hook for Windows 10 20H1
wonderzdh/VmwareHardenedLoader
Vmware Hardened VM detection mitigation loader (anti anti-vm)
wonderzdh/Windows10-CustomKernelSigners
Load self-signed drivers without TestSigning or disabling DSE. Transferred from https://github.com/DoubleLabyrinth/Windows10-CustomKernelSigners
wonderzdh/bedaisy-reversal
Some pseudo snippets from BattlEye's BEDaisy.sys loaded on Rainbow Six: Siege.
wonderzdh/CiDllDemo
Use ci.dll API for validating Authenticode signature of files
wonderzdh/Detect-KeAttachProcess
Detect-KeAttachProcess by iterating through all processes as well as checking the context of the thread.
wonderzdh/Detect-MouseClassServiceCallback
mouseclassservicecallback detection via hook
wonderzdh/DICHook
Hook NtDeviceIoControlFile with PatchGuard
wonderzdh/HelloIommuPkg
The sample DXE runtime driver demonstrating how to program DMA remapping.
wonderzdh/HookLib
A function interception library written in pure C and NativeAPI with UserMode and KernelMode support
wonderzdh/Hwid--Spoofer
🔵 EAC - BE / Kernel Driver 🔵
wonderzdh/hwid-spoofer
hwid spoofer source
wonderzdh/InfinityHookPro
InfinityHookPro Win7 -> Win11 latest
wonderzdh/inline_syscall
Inline syscalls made easy for windows on clang
wonderzdh/Kernel-AntiCheat
wonderzdh/kvm
wonderzdh/LowLevelMouseHook-Example
[NET5] Shows how to strip injected flags from calls to SendInput/MouseEvent
wonderzdh/MemoryDll-DllRedirect
Dll memory redirection through Hook NtMapViewOfSection
wonderzdh/MouClassInputInjection
MouClassInputInjection implements a kernel interface for injecting mouse input data packets into the input data stream of HID USB mouse devices.
wonderzdh/Nmi-Callback
detect hypervisor with Nmi Callback
wonderzdh/NoScreen
Hiding the window from screenshots using the function win32kfull::ChangeWindowTreeProtection
wonderzdh/PEBS_l3set
This tool takes advantage of Intel PEBS (Precise Event-Based Sampling) to collect memory reference trace for target program and then generates MRC (Miss Ratio Curve)
wonderzdh/sc4cpp
sc4cpp is a shellcode framework based on C++
wonderzdh/ValorantExternal
Bypass valorant page guard external
wonderzdh/vt-debuuger
A debugger that uses VT technology
wonderzdh/wechat-chatgpt
Use ChatGPT On Wechat via wechaty
wonderzdh/wechat-chatgpt-railway
wonderzdh/windowskernellearning