DragonQuestHero

Kernel-Anit-Anit-Debug-Plugins

Kernel Anit Anit Debug Plugins 内核反反调试插件

Kernel_Inject

Kernel Inject DLL

PUBG-PAK-Hacker

use windows kernel deriver hidden file and itself to Bypass BE

Medusa

Radical Windows ARK

WindowsSyscallsEx

Quick check of NT kernel exported&unexported functions/global variable offset NT内核导出以及未导出函数+全局变量偏移速查

DwmDraw

不使用3环挂钩进行DWM桌面绘制

Kernel-Force-Delete

force delete runing .exe application file.or delete any locked file

WindowsKernelPrivateSymbolsDump

Win7内核私有符号结构转储

PUBG-ESP

玩家不知道战场-超能力感知

DriverLoaderPro

windows kernel deriver loader(pro)

CSKZ-AutoBhopJump

请叫我跳跳虎

CSOL-AutoBhop

跳跳虎2

Book

Win_Rootkit

A kernel-mode rootkit with remote control

HyperHide

Hypervisor based anti anti debug plugin for x64dbg

al-khaser

Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.

ScyllaHide

Advanced usermode anti-anti-debugger. Forked from https://bitbucket.org/NtQuery/scyllahide

spectre

A Windows kernel-mode rootkit that abuses legitimate communication channels to control a machine.

transacted_hollowing

Transacted Hollowing - a PE injection technique, hybrid between ProcessHollowing and ProcessDoppelgänging

KPDB

Windows PDB parser for kernel-mode environment.

ThreadStackSpoofer

Thread Stack Spoofing - PoC for an advanced In-Memory evasion technique allowing to better hide injected shellcode's memory allocation from scanners and analysts.

AutoHotkey_L

AutoHotkey - macro-creation and automation-oriented scripting utility for Windows.

BetterPenetration

NtTrace

An strace-like program for the Windows 'native' API

SkyrimTools

SKSE工具插件(暂定)

Winshark

A wireshark plugin to instrument ETW

CSO2-Server

Counter-Strike Online 2 Server （即CSOL2服务器）支持2017年国服端和2018年韩服端

NexonGameSecurity

SteamTools

🛠「Steam++」是一个包含多种Steam工具功能的工具箱。

VivienneVMM

VivienneVMM is a stealthy debugging framework implemented via an Intel VT-x hypervisor.