Jump to content
Tuts 4 You

1 Screenshot

About This File

ScyllaHide is an advanced open-source x64/x86 usermode Anti-Anti-Debug library. It hooks various functions in usermode to hide debugging. This tool is intended to stay in usermode (ring3). If you need kernelmode (ring0) Anti-Anti-Debug please see TitanHide https://bitbucket.org/mrexodia/titanhide.

ScyllaHide supports various debuggers with plugins:

- OllyDbg v1 and v2 http://www.ollydbg.de

- x64_dbg http://x64dbg.com or https://bitbucket.org/mrexodia/x64_dbg

- Hex-Rays IDA v6+ https://www.hex-rays.com/products/ida/

- TitanEngine v2 https://bitbucket.org/mrexodia/titanengine-update and http://www.reversinglabs.com/open-source/titanengine.html

PE x64 debugging is fully supported with plugins for x64_dbg and IDA.

Please note: ScyllaHide is not limited to these debuggers. You can use the standalone commandline version of ScyllaHide. You can inject ScyllaHide in any process debugged by any debugger.

More information is available in the documentation: https://bitbucket.org/NtQuery/scyllahide/downloads/ScyllaHide.pdf

Source code license:

GNU General Public License v3 https://www.gnu.org/licenses/gpl-3.0.en.html

Special thanks to:

- What for his POISON Assembler source code https://tuts4you.com/download.php?view.2281

- waliedassar for his blog posts http://waleedassar.blogspot.de

- Peter Ferrie for his PDFs http://pferrie.host22.com

- MaRKuS-DJM for OllyAdvanced assembler source code

- MS Spy++ style Window Finder http://www.codeproject.com/Articles/1698/MS-Spy-style-Window-Finder


What's New in Version 0.1   See changelog

Released

No changelog available for this version.

  • Like 1

User Feedback

Recommended Comments

There are no comments to display.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...