兼容x32、x64 ,主要方法:hook调试器ReadProcessMemory、WriteProcessMemory、OpenProcess这几个函数,驱动实现了回调降权提权、句柄表降权提权、mdl读写
-
Notifications
You must be signed in to change notification settings - Fork 3
mizukiyyds/simple_debug_plugin
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
About
一个辅助调试器的工具,可以让调试器附加、读写被保护的进程如杀软(玩具项目,仅为巩固知识编写)
Topics
Resources
Stars
Watchers
Forks
Releases
No releases published
Packages 0
No packages published