http://localhost:65527MeiNanZiHalo v2.25.4zh-cnThu, 25 Jun 2026 20:58:28 GMThttp://localhost:65527/archives/vsshuang-ji-diao-shi1.VS201X 以下任一版本都可以： Visual Studio Community 201X， Visual Studio Professional 201X,Visual Studio Enterprise 201X. （根据：以前的 WDK 版本和其他下载 - Windows drivers]]>/archives/vsshuang-ji-diao-shiAdministratorThu, 25 Jun 2026 20:13:53 GMThttp://localhost:65527/archives/windows-nei-he-shu-biao-yuan-ma1765185661-kernel-mouse-main.zip]]>/archives/windows-nei-he-shu-biao-yuan-maAdministratorThu, 25 Jun 2026 20:13:35 GMThttp://localhost:65527/archives/windows-x64-ping-tai-qu-dong-ji-nei-cun-du-xie-ku1765186975-ZfDriver-main.zip Windows X64 平台驱动级内存读写库，方便无痕游戏辅助开发 目前支持：Win10 ~ Latest Warning: Progressing Project... API: static BOOL Install(); // 驱动安装]]>/archives/windows-x64-ping-tai-qu-dong-ji-nei-cun-du-xie-kuAdministratorThu, 25 Jun 2026 20:12:25 GMThttp://localhost:65527/archives/ling-yi-ge-yin-cang-jia-zai-de-qu-dong-yuan-ma1765187315-hidedriver-normal-main.zip 1.修复了原作者中ImageDirectoryEntryToData函数会异常，重写同样功能函数； 2......记不得了； 符号解析器：Oxygen1a1/oxgenPdb: a Windows kernel Pdb pa]]>/archives/ling-yi-ge-yin-cang-jia-zai-de-qu-dong-yuan-maAdministratorThu, 25 Jun 2026 20:11:41 GMThttp://localhost:65527/archives/kdmapperjia-zai-wu-qian-ming-qu-donggithub地址]]>/archives/kdmapperjia-zai-wu-qian-ming-qu-dongAdministratorThu, 25 Jun 2026 20:11:12 GMThttp://localhost:65527/archives/zi-jian-shi-jian-chuo-fu-wu-qi-shi-xian-wei-qian-ming-qu-dong-zheng-shuhttps://github.com/PIKACHUIM/FakeSign]]>/archives/zi-jian-shi-jian-chuo-fu-wu-qi-shi-xian-wei-qian-ming-qu-dong-zheng-shuAdministratorThu, 25 Jun 2026 20:11:00 GMThttp://localhost:65527/archives/chuan-qi-si-fu-wai-gua-kai-fa-you-yuan-ma引言: 论坛还没有关于传奇私服外挂开发的文章，于是把我前段时间开发过的一款外挂分享出来。传奇私服如火如荼，经过我们统计，有1000多个传奇私服登陆器。本文只针对一款特定的私服做外挂开发，但原理都是一样的。本文有基础介绍，有难点分析，有针对玩家挂机体验做优化，有源码(见附件)。但文章只做研究用，请勿用]]>/archives/chuan-qi-si-fu-wai-gua-kai-fa-you-yuan-maAdministratorThu, 25 Jun 2026 20:10:44 GMThttp://localhost:65527/archives/yin-bi-tong-xun-chang-jian-zhong-lei-jie-shao正常通信流程： R3->符号链接->设备对象->驱动对象->驱动功能 驱动通信实质上是设备通信 设备是挂在驱动上的DeviceObject上面的 正常IO通信 R0： //创建设备名称 UNICODE_STRING Devicename; RtlInitUnicodeString(&Devicena]]>/archives/yin-bi-tong-xun-chang-jian-zhong-lei-jie-shaoAdministratorThu, 25 Jun 2026 20:09:24 GMThttp://localhost:65527/archives/wu-hen-jia-zai-qu-dong-mo-kuai-zhi-gui-lei-qu-dong-shang驱动加载与ark遍历原理 正常通过服务加载的驱动会显示在ark工具的列表里 CreateServiceA OpenSCManagerA StartServiceA ControlService DeleteService]]>/archives/wu-hen-jia-zai-qu-dong-mo-kuai-zhi-gui-lei-qu-dong-shangAdministratorThu, 25 Jun 2026 20:08:49 GMThttp://localhost:65527/archives/wu-hen-jia-zai-qu-dong-mo-kuai-zhi-lou-qu-li-yong-xia回顾傀儡驱动加载致命缺点 x64上微软增加了驱动签名机制，我们的傀儡驱动依旧需要签名，虽然泄露的sha1签名目测来看能用到微软倒闭，或者花钱买一张白签名(干坏事会被吊销)但是依然存在问题，如果能让微软的白驱动“帮忙”加载我们的功能驱动就好了。 kdmapper漏驱利用 早期驱动开发安全意识不足，导致]]>/archives/wu-hen-jia-zai-qu-dong-mo-kuai-zhi-lou-qu-li-yong-xiaAdministratorThu, 25 Jun 2026 20:08:27 GMThttp://localhost:65527/archives/jin-cheng-yin-cang-dui-kang进程隐藏作用 1.使用户无法在任务管理器中看到进程 2.躲避安全软件的信息查询 进程隐藏有两种实现方式： 1.通过hook 查询进程api来过滤要保护的进程，例如ZwQuerySystemInformation； 2.是通过抹除系统结构中关于进程的信息，如断链EPROCESS中的ActiveProc]]>/archives/jin-cheng-yin-cang-dui-kangAdministratorThu, 25 Jun 2026 20:07:48 GMThttp://localhost:65527/archives/jin-cheng-wei-zhuang-yuan-li-yu-po-chu首先演示下进程伪装的效果 伪装前 伪装后]]>/archives/jin-cheng-wei-zhuang-yuan-li-yu-po-chuAdministratorThu, 25 Jun 2026 20:07:29 GMThttp://localhost:65527/archives/cong-uefi-jie-chi-qi-dong-lian-shi-xian-hyper-v-nei-he-du-xie-wu-xu-jia-zai-qu-dong本文档介绍基于 noahware/hyper-reV 的虚拟内存访问类 GuestMemory，以及用于定位目标进程 CR3、EPROCESS、PEB、模块基址的四个内核工具函数。]]>/archives/cong-uefi-jie-chi-qi-dong-lian-shi-xian-hyper-v-nei-he-du-xie-wu-xu-jia-zai-qu-dongAdministratorThu, 25 Jun 2026 20:07:06 GMThttp://localhost:65527/archives/proxybridgezhi-ding-jin-cheng-socks5dai-li-gong-juhttps://github.com/InterceptSuite/ProxyBridge]]>/archives/proxybridgezhi-ding-jin-cheng-socks5dai-li-gong-juAdministratorThu, 25 Jun 2026 20:06:35 GMThttp://localhost:65527/archives/kai-qi-vmwarezhong-de-vnc在vmware设置中开启vnc后，端口不能和其他有开启vnc服务的虚拟机重复，另外vnc客户端连接的时候要填127.0.0.1或者是宿主机局域网ip]]>/archives/kai-qi-vmwarezhong-de-vncAdministratorThu, 25 Jun 2026 20:06:21 GMThttp://localhost:65527/archives/unrealvtdbg_cv-vtnei-he-diao-shi-qi-yuan-maUnrealVTDbg_cv-master.zip 如何编译该项目 编译器：VS2019 SDK: 10.0.019041或最新版本 WKD: WDK10 打开UnrealDbg.sln然后直接编译就行了，注意，需要编译64位版本 UnrealDbgDll只能编译release版本，至于UI则是Un]]>/archives/unrealvtdbg_cv-vtnei-he-diao-shi-qi-yuan-maAdministratorThu, 25 Jun 2026 20:06:05 GMThttp://localhost:65527/archives/vmwarehardenedloader-vmwareguo-jian-ce-qu-dong-yuan-maVMwareHardenedLoader VMware Hardened VM detection mitigation loader For now, only Windows (vista~win10) x64 guests are supported. It get VMware guest]]>/archives/vmwarehardenedloader-vmwareguo-jian-ce-qu-dong-yuan-maAdministratorThu, 25 Jun 2026 20:03:50 GMT