-
就目前sdk提供的场景,附加进程应该是最少代码量即可实现,如果是装载exe dll,sys我不知道hyperdbg是否具有类似沙箱模型那种执行加载驱动的功能。
附加的方式对我来说可用场景太少,更多的是需要装载exe,dll,sys等模拟运行时然后执行的场景,这种方式能勾住更多的api和最佳hook时机。
然而目前sdk和驱动提供了中断控制,比如对调试寄存器控制实现断点,堆栈访问等等,这些都是在…
-
Intel has fairly recently posted a draft specification ( https://software.intel.com/content/dam/develop/external/us/en/documents-tps/346446-flexible-return-and-event-delivery.pdf ) for its planned FRE…
-
I tried to run python3.12 with box64 on rv64 platform (prior issue #1652 ) and used `BOX64_DYNAREC_TEST=1` to test the differences between dynarec and interpreter. I saw 4 differences about `cmp` inst…
-
Hi, while trying to build this example for kvm on arm64, some compiling errors occur as shown in logs. Any idea how to fix this?
**Logs:**
```
pi@raspberrypi:~/app-helloworld-cpp $ kraft configure …
-
When I compile Zydis with Visual Studio 2022, the resulting dll imports a number of functions from kernel32.dll.
I was under the impression that Zydis had no such dependencies. Is there some compi…
440bx updated
8 months ago
-
hi,i want bind these rep,
https://github.com/intelxed/xed
https://github.com/zyantific/zydis
https://github.com/HyperDbg/HyperDbg
https://github.com/NationalSecurityAgency/ghidra/tree/master…
-
Hi, i'm unable to compile any branch of this emulator.
I have the latest Visual Studio 2022 with:
- Desktop development with C++
- C++ Clang Compiler for Windows (17.0.3)
- MSBuild support for L…
-
Hi.
I pulled today the latest Zydis and compiled the kernel version. I do have enabled test signing mode and any other unsigned driver loads just fine with the NtLoadDriver (C#).
What's the cau…
-
**Describe the bug**
MOVSX implementation does not work when source operand is an 8-bit register.
```
[test] movsx eax, ah
[input]
rax : 0x7ffffffffffffffe
rip : 0x7ff7efc907e6
[output]
…
-
Package: zycore:x64-windows@1.5.0
**Host Environment**
- Host: x64-windows
- Compiler: MSVC 19.41.34120.0
- vcpkg-tool version: 2024-08-01-fd884a0d390d12783076341bd43d77c3a6a15658
vcpk…