cpkt9762's repositories
ByePg
Defeating Patchguard universally for Windows 8, Windows 8.1 and all versions of Windows 10 regardless of HVCI
Core
Shared Obfuscation Core
dwm_overlay
PoC: DX11 overlay over DWM
dxgkrnl_hook
C++ graphics kernel subsystem hook
ExecutiveCallbackObjects
Research on Windows Kernel Executive Callback Objects
goron
Yet another llvm based obfuscator
huoji_debuger
ayy debugger
hwid
HWID spoofer
inline_syscall
Inline syscalls made easy for windows on clang
iris
WinDbg extension to display Windows process mitigations
llvm-string-obfuscator
LLVM String Obfuscator
MiniVisorPkg
The research UEFI hypervisor that supports booting an operating system.
modmap
Module extending manual mapper
mrspicky
MrsPicky - An IDAPython decompiler script that helps auditing calls to the memcpy() and memmove() functions.
PareidoliaTriggerbot
PareidoliaTriggerbot is a hypervisor-based, external Widowmaker triggerbot which uses the VivienneVMM and MouClassInputInjection projects to bypass the Overwatch Anti-Cheat.
PE-Dump-Fixer
PE-Dump-Fixer
qqzeng-ip
Latest IP address database: multi-language parsing and database import scripts
readwrite-kernel-stable
a more stable & secure read/write virtual memory for kernel mode drivers
registry_editor
tool that spoofs registry keys used by anti-cheats to fingerprint a machine
RETSpoof
RET / JMP RBX call spoofer
smbios_util
The application parses SMBIOS firmware table and reports information about your system's hardware according to the SMBIOS/DMI standard. Typically includes information about BIOS, motherboard, CPU, RAM etc. Application written in C++ and portable, should work under Windows/Linux/OS X. Not finished. Pull requests are welcome!
standalone_cxx
run C++ from anywhere
SyscallTables
Windows NT x64 Syscall tables
system_call_hook_win10_1903
This is the P.O.C source for hooking the system calls on Windows 10 (1903) using its dynamic trace feature weakness
uEmu
Tiny cute emulator plugin for IDA based on unicorn.
VivienneVMM
VivienneVMM is a stealthy debugging framework implemented via an Intel VT-x hypervisor.
watermark_disabler
disables the 'Activate Windows' watermark.
win-libm
Core Math functions for MS Windows
XignCode-Implentation
XignCode implementation leak
xxHash
Extremely fast non-cryptographic hash algorithm