Tool to demonstrate how to spy custom GetProcAddress. It sets PAGE_GUARD on export.AddressOfFunctions and monitors access to it.
Small program to list all symbols from ntoskrnl.exe. It can list enums, structures, and give you addresses of all symbols in ntoskrnl.exe.
Ultimate Hooking Engine is easy to use hooking engine for Win32 APIs. All you need to do is to provide hooking dll and engine will perfrom hooking. Please check readme.txt in archive and C/asm examples. No need to pay for hooking/loging engines anymore when you can use it for free!!!
Engine whcih will get size of instructions, writen as offset indipendent code, so it can be used in viruses, loaders, and other codes where offset indipendent code is needed.
Use TF to decrypt current instruction, and to encrypt previous. Code stays crypted all the time during execution, untill someone doesn't decypt it fully :)
Workaround to make TLS CallBack in tasm32, nothing advanced, only some simple PE Patching.
Code demonstrates how to reallocate resources such that those won't be present in the image when it is dumped to the disk. This won't stop good unpackers, but will certainly stop beginners that got used to "Count exception, set memory break point, dump, imprec and voila".