支持原项目,谢谢原项目作者,我只是改了改代码,以支持IDA7.5 ( 原本只支持IDA6.8 )。我觉得原作者应该会介意。
有事麻烦联系我删除。sorry
Thank you for the original project developer ScyllaHide Thanks、Thanks、Thanks!!!
only support windows PE. (X86 and X64)
Tips: in win32 mode, it only support the remote inject.
32bit (remote inject)
64bit. (remote & native inject)
吐血修复,各种bug,不一一列举了
ScyllaHide is an advanced open-source x64/x86 user mode Anti-Anti-Debug library. It hooks various functions to hide debugging. This tool is intended to stay in user mode (ring 3). If you need kernel mode (ring 0) Anti-Anti-Debug, please see TitanHide. Forked from NtQuery/ScyllaHide.
ScyllaHide supports various debuggers through plugins:
- OllyDbg v1 and v2
- x64dbg
- Hex-Rays IDA v6 (not supported)
- TitanEngine v2 (original and updated versions)
PE x64 debugging is fully supported with plugins for x64dbg and IDA.
Please note that ScyllaHide is not limited to these debuggers. You can use the standalone command line version of ScyllaHide. You can inject ScyllaHide into any process debugged by any debugger.
More information is available in the documentation (PDF).
ScyllaHide is licensed under the GNU General Public License v3.
- What for his POISON Assembler source code
- waliedassar for his blog posts
- Peter Ferrie for his PDFs
- MaRKuS-DJM for Olly Advanced
- Lim Bio Liong for MS Spy++ style Window Finder