GameDeception

Instead of a closed BETA, i thought to myself, an open BETA would just be as good.

We are back at 0.1 with the postfix "64" added to "HookShark". All following releases will support x64. HookShark is dead. HookShark64 is the new "product-line".

But HookShark 0.9 might not become obsolete right away. Not every feature was reimplemented. So in some cases, falling back to 0.9 is the only choice.

Disadvantages ...

contents:
pbstrings- meant for decoding pb's encrypted strings
wrapgen- creates wrappers for dlls from idbs
sigmaker light- only does the most basic tasks
sigmaker full- can create sigs automatically and has a wider variety of functions ( might be unstable on IDA 6.2 )

Credits:
xero|hawk, Tamimego, kynox

Link:
...

Bypassing EAC the easy way:

Hooking:
1. Open Olly; attach cs
2. search for the function you would normally hook
3. trace the function and it's subfunctions until you reach a call/jmp using an address from the .data section
4a. calculate position of parameters on the stack and hook the call/jmp from step 3
or if you want to be fancy
4b. hook the call/jmp from 3; use this hook to modify the function stack to exploit the RET ...

Taken from the readme due to laziness

...

Final Update: Upgrades have been completed.

Update Again: Rather than changing providers, the downtime will consist of just a hardware change. The site shouldn't be down for more than a few hours now.

Update: The move will happen on May 25th and will extend throughout the week.

The server will be physically moved from Dallas, TX to another location - GD will experience extended downtime due to this.

The server will go ...

Hey there,

as first post, I wanted to publish my detour library which I have just finished writing for one of my projects.

FEATURES

• Cross-platform x86 and x86-64 function detouring (Windows, Linux and other unixes)
• Object orientated programming
• Relocates overwritten original code
• Works on every common compiler (tested with VC8, VC9, VC10, MinGW and GCC 4.4)
• No typecasting on your side
• MIT license

In fact my main problem ...

I got sick of having to re-write everything that Dia2Dump produces, so I modified the source to produce C style classes, ready for use from the PDB. This isn't actually specific to BC2, this tool could be used for anything.

The usage is simple, exactly the same as with Dia2Dump.

e.g

Here's ...

After much work, I have a preview version ready for testing.
Warning: Buggy, unoptimized and still missing features

Watch the video or you may miss a few features like how to reorder the classes.

I'm looking for feedback on what features you would like added, how to make things work smoother, bugs etc...

After all features are stable, it may be another 4 years before the next version

PS: ...

Hi I have updated detourXS.

FEATURES

• x86/64 compatible without changing code
• Uses a lightweight length dasm
• Allows for infinite detour chaining
• Uses absolute detours only where necessary
• Easy to use, easy to set up

HOW TO INCLUDE
Copy the "DetourXS" folder into your source folder and include, #include "DetourXS/detourxs.h"

EXAMPLE USE
The package comes as an example ready to be compiled ...

Introducing the latest version of my tool QVMDisas.

As far as I know this is the first Golang release on GD. The code is ugly as hell and should by no means be considered a representation of the language, which is actually really awesome.

Should run just fine anywhere a Go implementation exists.

Main changes to be noted from previous releases:

• Allows saving of your work!
• Introduction of a "disassembly archive"

...

Hey guys,

this is a project I did about 1 year ago and I decided to release the sourcecode, because I don't really need it anymore and I think it could be useful for someone. It patches _KTHREAD of every new process through patching KiInitThread and PsConvertToGuiThread and then hooks NtGdiExtEscape to draw in CS1.6.
Some parts of the code are missing, you have to provide them yourself to get it running.

Credits:
OGC
rootkit.com ...