DWM Overlay Demonstration for 25H2

PoC Implementation of a fully dynamic call stack spoofer

HumanMoveMouse is a realistic mouse‑movement simulator based on a statistical model trained on 300 samples of real human behavior. It generates natural cursor trajectories with realistic accelerati…

Kernel Lazy Importer

dumping and reconstructing Unreal Engine 4 (UE4) SDK structures from Android games at runtime using AndUE4Dumper. The goal is to analyze UE4 internal data structures in memory and generate usable S…

Professional Android SO dumper for UE4/Unity with multi-architecture support

Moufiltr is a Windows kernel filter driver which will attach to your mouse driver stack pipeline and allows you to filter or modify your mouse input.

Using NtCreateFile and NtDeviceIoControlFile to realize the function of winsock（利用NtCreateFile和NtDeviceIoControlFile 实现winsock的功能）

Dwm-Overlay

Windows 11 24h2 LPE Kernel Exploitation. CVE-2020-12446(eneio64.sys)

记录游戏逆向的分析过程

Synchronized Kernel Drawing for 24H2

Memory hacking library powered by AMD SVM

SimpleSvmHook is a research purpose hypervisor for Windows on AMD processors.

隐藏钩子过PG

🪝 Various EPT hook detection approaches

从0开始编写Windows AMD-V Hook 驱动的个人项目，可能会G，不定期上传参考资料和进度

使用 EPT HOOK 适用于win7 和部分win10

从0开始编写Windows Intel VT-X Hook 驱动的个人项目

使用vt进行无痕hook，支持r3

Minimalistic AMD-V/SVM hypervisor with memory introspection capabilities

Simulate SendInput with ClassService

clearing traces of a loaded driver

usermode driver mapper that forcefully loads any signed kernel driver (legit cert) with a big enough section (example: .data, .rdata) to map your driver over. the main focus of this project is to p…

A slimmed-down, modified kd-mapper for game cheat development this repository removes unnecessary code, increases the reliability. It loads unsigned drivers safely. This kd-mapper instance is perfe…

Kernel-level memory cleaning signatures for Windows 11 24H2 (CacheBuckets, PiDDB, MmUnloadedDrivers)