C++ C Batchfile
Switch branches/tags
Nothing to show
Clone or download
Latest commit dfb6610 Jan 5, 2018 2
Mattiwatti NtUserBuildHwndList: do not assume the i+1th HWND is a safe replaceme…
…nt for the case of the HWND with i == 0 being the debugger process. This fixes EnumWindows() finding e.g. x64dbg despite the hook because it has multiple windows which can be obtained if i = 0, i = 1, i = 2... and so on
Permalink
Failed to load latest commit information.
3rdparty Update distorm Nov 26, 2017
ConfigCollection Update dbghelp for PDBReader to the Windows 8.1 SDK version - the lat… Jun 3, 2017
Documentation updated documentation + graphics Oct 2, 2016
HookLibrary NtUserBuildHwndList: do not assume the i+1th HWND is a safe replaceme… Jan 5, 2018
InjectorCLI WriteJumper: prefix a NOP before JMP when writing to the original add… Dec 2, 2017
PDBReader Remove hardcoded SDK version now that $(LatestTargetPlatformVersion) … Oct 22, 2017
PluginGeneric Rename CustomExceptionHandler to OllyExceptionHandler to more accurat… Oct 27, 2017
Scylla scl::vfmtw(): remove extraneous null byte being appended to the log f… Nov 11, 2017
ScyllaHideGenericPlugin Remove hardcoded SDK version now that $(LatestTargetPlatformVersion) … Oct 22, 2017
ScyllaHideIDAProPlugin Remove hardcoded SDK version now that $(LatestTargetPlatformVersion) … Oct 22, 2017
ScyllaHideIDAServer Remove hardcoded SDK version now that $(LatestTargetPlatformVersion) … Oct 22, 2017
ScyllaHideOlly1Plugin Rename CustomExceptionHandler to OllyExceptionHandler to more accurat… Oct 27, 2017
ScyllaHideOlly2Plugin Rename CustomExceptionHandler to OllyExceptionHandler to more accurat… Oct 27, 2017
ScyllaHideTEPlugin strcpy isn't better Oct 23, 2017
ScyllaHideX64DBGPlugin Replace usages of strncpy with strncpy_s, as only the latter guarante… Oct 23, 2017
ScyllaTest ScyllaTest: right-align test results and shorten some of the left sid… Nov 18, 2017
.editorconfig update .editorconfig Jan 4, 2017
.gitignore update .gitignore (#14) Nov 9, 2016
LICENSE changelog license Aug 16, 2014
README.md updated release + README May 31, 2017
ScyllaHide.sln Make HookLibrary depend on Scylla to fix VS2017 build Jun 3, 2017
changelog.txt update changelog Mar 3, 2017
release.bat delete release directory before building Jun 24, 2017

README.md

ScyllaHide

Build status

ScyllaHide is an advanced open-source x64/x86 usermode Anti-Anti-Debug library. It hooks various functions in usermode to hide debugging. This tool is intended to stay in usermode (ring3). If you need kernelmode (ring0) Anti-Anti-Debug please see TitanHide https://github.com/mrexodia/titanhide.

ScyllaHide supports various debuggers with plugins:

PE x64 debugging is fully supported with plugins for x64dbg and IDA.

Please note: ScyllaHide is not limited to these debuggers. You can use the standalone commandline version of ScyllaHide. You can inject ScyllaHide in any process debugged by any debugger.

More information is available in the documentation: https://bitbucket.org/NtQuery/scyllahide/downloads/ScyllaHide.pdf

Source code license: GNU General Public License v3 https://www.gnu.org/licenses/gpl-3.0.en.html


Special thanks to: