DbgHook plugin for Olly 2.1 hooks the classics functions used for antidebug��s tricks

sh3dow · #1 01-31-2015, 21:47

DbgHook is plugin for Olly 2.1 that hooks the classics functions used for antidebug's tricks, the driver is for Windows 7 x64 (tested on build 7600.16385.1), so for running it need to be registered and PatchGuard disabled (you can use tools like DSEO).
the plugin lets you control the following options:
-Flags
-Time (dynamic fake time,it freeze process's timers when you stop the execution,you can also chose a time's multiplication factor for clocks and RDTSC)
-Windows (hides Olly's window to debugged process)
-NtQuerySystemInformation
-NtSetDebugFilterState
-NtQueryInformationProcess
-NtOpenProcess
-NtClose
-NtUserBlockInput
-OutputDebugString
-NtTerminateProcess
-NtQueryInformationThread
-NtSetInformationThread
-Driver's name

the plugin by walter1945 from _https://quequero.org

from attachment(with builds and sources)

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
unlinker IDA - an IDA plugin for extracting functions from a PE file for later reuse	jonwil	Community Tools	10	02-26-2022 04:48
nice olly plugin	britedream	General Discussion	72	03-28-2004 04:50

The Following 7 Users Gave Reputation+1 to sh3dow For This Useful Post:
an0rma1 (02-02-2015), b30wulf (01-31-2015), emo (02-01-2015), Hypnz (02-01-2015), mr.exodia (02-01-2015), rooky2000 (01-31-2015), uel888 (02-01-2015)