Palle's repositories
EfiGuard
Disable PatchGuard and DSE at boot time
pcPCHunter
x64 盗版pcPCHunter
zju-icicles
浙江大学课程攻略共享计划
zhihu
项目没有维护了, fork 吧
eye_mapper
BattlEye x64 usermode injector
pe-sieve
Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).
Self-Remapping-Code
This program remaps its image to prevent the page protection of pages contained in the image from being modified via NtProtectVirtualMemory.
libpku
北京大学课程资料整理
SyscallTables
Windows NT x64 Syscall tables
HyperPlatform
Intel VT-x based hypervisor aiming to provide a thin VM-exit filtering platform on Windows.
pubg-mobile-esp
刺激战场腾讯模拟器透视+磁性自瞄
MemoryModulePP
modify from memorymodule. support exception
BOOM
This is a program that uses drivers to read and write to memory.
books
book list
SRC-experience
工欲善其事,必先利其器
technical-whitepapers
Collection of IT whitepapers, presentations, pdfs; hacking, web app security, db, reverse engineering and more; EN/PL.
Blog
**科学技术大学计算机学院课程资源(https://mbinary.xyz/ustc-cs/)
APEX-EACBypass
APEX-EACBypass(usermode)
DriverInjectDll
Using Driver Global Injection dll, it can hide DLL modules
KsDumper
Dumping processes using the power of kernel space !
rw_socket_driver
Driver that uses network sockets to communicate with client and read/ write protected process memory.
HyperBone
Minimalistic VT-x hypervisor with hooks
Shark
Turn off PatchGuard in real time for win7 (7600) ~ win10 (17763).
PolyHook_2_0
C++17, x86/x64 Hooking Libary v2.0
libemu_pe
enable libemu run pe file and add some good modify
thu-cst-cracker
清华大学计算机系课程攻略