|
|
#13
05-30-2017, 04:32
|
|||
|
|||
|
Hider plugin for Syser
Get: https://yadi.sk/d/L0UKb6QK3JYPRY https://www.sendspace.com/file/hwp40a Steps: unpack (use same dir levels) syser_hide.dll -> Plugins, hide_generic.dll nearby main .exe Who wants might use hide_generic.dll in their projects. Steps: as easy as LoadLibrary() and we are cool! The dll sets up a hook over ZwWaitForDebugEvent() in debugger process and installs the rest of hooks and patches memory in a process under debug. The config is embedded inside the file itself in the following way: [\x00] - OFF any other char - ON Code:ZwQueryInformationProcess[x] ZwSetInformationThread[x] ZwClose[x] NtGlobalFlag[x] ProcessHeapFlag[x] IsDebuggerPresent[x] enjoy (c) by Veliant from exelab.ru resource You could reach him here https://exelab.ru/f/index.php?action=userinfo&user=3136 
|
|
|
Similar Threads
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Does anybody know "Chris & Rich Williams" who are actually Turbo Debugger's authors | BlackWhite | General Discussion | 1 | 03-23-2025 00:36 |
| How come new registrants given "guest" rank and not even a "friend" rank? | OldieHans | General Discussion | 4 | 09-25-2023 12:19 |
| When use "vendor defined encryption routines", how to set daemon related part? | bridgeic | General Discussion | 6 | 01-22-2015 11:35 |
| Wlscgen: Are "Vendor Id" and "Developer Id" different ? | Numega Softice | General Discussion | 6 | 02-12-2007 18:12 |
Threaded Mode