changeofpace/Remote-Process-Cookie-for-Windows-7 changeofpace/Remote-Process-Cookie-for-Windows-7

  • Stars
    star
    21
  • Rank 1,084,038 (Top 22 %)
  • Language
    C++
  • License
    GNU General Publi...
  • Created almost 8 years ago
  • Updated over 7 years ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
changeofpace/Remote-Process-Cookie-for-Windows-7
github

changeofpace

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Obtain remote process cookies by performing a brute-force attack on ntdll.RtlDecodePointer using known pointer encodings.

More Repositories

1

VivienneVMM

VivienneVMM is a stealthy debugging framework implemented via an Intel VT-x hypervisor.
C++
775
star
2

Self-Remapping-Code

This program remaps its image to prevent the page protection of pages contained in the image from being modified via NtProtectVirtualMemory.
C++
558
star
3

MouClassInputInjection

MouClassInputInjection implements a kernel interface for injecting mouse input data packets into the input data stream of HID USB mouse devices.
C++
286
star
4

Overwatch-Dump-Fix

x64dbg plugin which removes anti-dumping and obfuscation techniques from the popular FPS game Overwatch.
C
240
star
5

MouHidInputHook

MouHidInputHook enables users to filter, modify, and inject mouse input data packets into the input data stream of HID USB mouse devices without modifying the mouse device stacks.
C++
239
star
6

Force-Page-Protection

This x64dbg plugin sets the page protection for memory mapped views in scenarios which cause NtProtectVirtualMemory to fail.
C
106
star
7

PE-Header-Dump-Utilities

This x64dbg plugin adds several commands for dumping PE header information by address.
C
60
star
8

Hex-Rays-Deep-Compile

Improves Hex-Rays output through batch decompilation.
C++
45
star
9

x64dbg-Anti-Debug-POC

viewing page boundaries of pages with PAGE_NOACCESS protection reveals the presence of x64dbg.
C++
21
star
10

Simple-Injector

basic dll injector using Qt
C++
17
star
11

Find-Exported-Xrefs

Given a global name in IDA Pro, find all xrefs which are contained in an exported function.
Python
10
star
12

Enumerate-GetKeyState-Calls-Using-Varying-nVirtKey

IDAPython script. Bookmark all instances of calls to GetAsyncKeyState and GetKeyState which use a varying value (e.g. not const shift/ctrl/alt modifiers) for the nVirtKey arg.
Python
4
star