changeofpace

changeofpace

Reverse engineering, windows internals, and hypervisors.

571 followers · 26 following

Achievements

x3 x2

Achievements

x3 x2

Overwatch-Dump-Fix Public

x64dbg plugin which removes anti-dumping and obfuscation techniques from the popular FPS game Overwatch.

C 247 69 GNU General Public License v3.0 Updated May 29, 2021
VivienneVMM Public

VivienneVMM is a stealthy debugging framework implemented via an Intel VT-x hypervisor.

C++ 815 187 MIT License Updated Sep 7, 2020
HyperPlatform Public
Forked from tandasat/HyperPlatform

Intel VT-x based hypervisor aiming to provide a thin VM-exit filtering platform on Windows.

C++ 2 1 MIT License Updated Jul 12, 2020
MouClassInputInjection Public

MouClassInputInjection implements a kernel interface for injecting mouse input data packets into the input data stream of HID USB mouse devices.

C++ 347 84 MIT License Updated Apr 20, 2020
MouHidInputHook Public

MouHidInputHook enables users to filter, modify, and inject mouse input data packets into the input data stream of HID USB mouse devices without modifying the mouse device stacks.

C++ 268 90 MIT License Updated Nov 3, 2019
Self-Remapping-Code Public

This program remaps its image to prevent the page protection of pages contained in the image from being modified via NtProtectVirtualMemory.

C++ 604 151 GNU General Public License v3.0 Updated Mar 19, 2019
Hex-Rays-Deep-Compile Public

Improves Hex-Rays output through batch decompilation.

C++ 67 21 GNU General Public License v3.0 Updated Dec 25, 2018
cheat-engine Public
Forked from cheat-engine/cheat-engine

Cheat Engine. A development environment focused on modding

Pascal 2 2 Updated Aug 17, 2018
ReClassEx Public
Forked from ajkhoury/ReClassEx

ReClassEx

C++ 5 1 MIT License Updated Feb 24, 2018
Remote-Process-Cookie-for-Windows-7 Public

Obtain remote process cookies by performing a brute-force attack on ntdll.RtlDecodePointer using known pointer encodings.

C++ 22 6 GNU General Public License v3.0 Updated May 31, 2017
Simple-Injector Public

basic dll injector using Qt

C++ 20 10 GNU General Public License v3.0 Updated May 31, 2017
PE-Header-Dump-Utilities Public

This x64dbg plugin adds several commands for dumping PE header information by address.

C 63 15 GNU General Public License v3.0 Updated May 31, 2017
Force-Page-Protection Public

This x64dbg plugin sets the page protection for memory mapped views in scenarios which cause NtProtectVirtualMemory to fail.

C 117 38 GNU General Public License v3.0 Updated Mar 17, 2017
x64dbg Public
Forked from x64dbg/x64dbg

An open-source x64/x32 debugger for windows.

C++ 1 1 Other Updated Mar 4, 2017
Find-Exported-Xrefs Public

Given a global name in IDA Pro, find all xrefs which are contained in an exported function.

Python 11 6 Updated Jan 21, 2017
x64dbg-Anti-Debug-POC Public

viewing page boundaries of pages with PAGE_NOACCESS protection reveals the presence of x64dbg.

C++ 23 14 Updated Jan 1, 2017
Enumerate-GetKeyState-Calls-Using-Varying-nVirtKey Public

IDAPython script. Bookmark all instances of calls to GetAsyncKeyState and GetKeyState which use a varying value (e.g. not const shift/ctrl/alt modifiers) for the nVirtKey arg.

Python 5 5 Updated Oct 30, 2016

changeofpace

Achievements

Achievements

Overwatch-Dump-Fix Public

Uh oh!

VivienneVMM Public

Uh oh!

HyperPlatform Public

Uh oh!

MouClassInputInjection Public

Uh oh!

MouHidInputHook Public

Uh oh!

Self-Remapping-Code Public

Uh oh!

Hex-Rays-Deep-Compile Public

Uh oh!

cheat-engine Public

Uh oh!

ReClassEx Public

Uh oh!

Remote-Process-Cookie-for-Windows-7 Public

Uh oh!

Simple-Injector Public

Uh oh!

PE-Header-Dump-Utilities Public

Uh oh!

Force-Page-Protection Public

Uh oh!

x64dbg Public

Uh oh!

Find-Exported-Xrefs Public

Uh oh!

x64dbg-Anti-Debug-POC Public

Uh oh!

Enumerate-GetKeyState-Calls-Using-Varying-nVirtKey Public

Uh oh!