changeofpace/Enumerate-GetKeyState-Calls-Using-Varying-nVirtKey changeofpace/Enumerate-GetKeyState-Calls-Using-Varying-nVirtKey

  • Stars
    star
    4
  • Rank 3,304,323 (Top 66 %)
  • Language
    Python
  • Created about 8 years ago
  • Updated about 8 years ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
changeofpace/Enumerate-GetKeyState-Calls-Using-Varying-nVirtKey
github

changeofpace

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

IDAPython script. Bookmark all instances of calls to GetAsyncKeyState and GetKeyState which use a varying value (e.g. not const shift/ctrl/alt modifiers) for the nVirtKey arg.

More Repositories

1

VivienneVMM

VivienneVMM is a stealthy debugging framework implemented via an Intel VT-x hypervisor.
C++
775
star
2

Self-Remapping-Code

This program remaps its image to prevent the page protection of pages contained in the image from being modified via NtProtectVirtualMemory.
C++
558
star
3

MouClassInputInjection

MouClassInputInjection implements a kernel interface for injecting mouse input data packets into the input data stream of HID USB mouse devices.
C++
286
star
4

Overwatch-Dump-Fix

x64dbg plugin which removes anti-dumping and obfuscation techniques from the popular FPS game Overwatch.
C
240
star
5

MouHidInputHook

MouHidInputHook enables users to filter, modify, and inject mouse input data packets into the input data stream of HID USB mouse devices without modifying the mouse device stacks.
C++
239
star
6

Force-Page-Protection

This x64dbg plugin sets the page protection for memory mapped views in scenarios which cause NtProtectVirtualMemory to fail.
C
106
star
7

PE-Header-Dump-Utilities

This x64dbg plugin adds several commands for dumping PE header information by address.
C
60
star
8

Hex-Rays-Deep-Compile

Improves Hex-Rays output through batch decompilation.
C++
45
star
9

x64dbg-Anti-Debug-POC

viewing page boundaries of pages with PAGE_NOACCESS protection reveals the presence of x64dbg.
C++
21
star
10

Remote-Process-Cookie-for-Windows-7

Obtain remote process cookies by performing a brute-force attack on ntdll.RtlDecodePointer using known pointer encodings.
C++
21
star
11

Simple-Injector

basic dll injector using Qt
C++
17
star
12

Find-Exported-Xrefs

Given a global name in IDA Pro, find all xrefs which are contained in an exported function.
Python
10
star