Rust Iat_unhook_sample Resources

Home / Tag

1 Repositories

Sortby

Rust iat_unhook_sample Libraries

A library and binary for testing unhooking ntdll by identifying hooks via in-memory disassembly
A library and binary for testing unhooking ntdll by identifying hooks via in-memory disassembly

(First Public?) Sample of unhooking ntdll (All Exports & IAT imports) hooks in Rust using in-memory disassembly, avoiding direct syscalls and all hooked functions (incl. hooked NtProtectVirtualMemory)

Signal Labs 52 Apr 9, 2023