Awesome

ColdHide

ColdHide is a mini and simple open source user mode anti-anti debug library x86/x64 for Windows. To inject this library try using ColdMDLoader.

Hooks

• PEB hooking
• NtQueryInformationProcess
• NtClose
• Drx hooking
• NtQueryObject
• NtQuerySystemInformation
• NtSetInformationThread
• NtSetInformationProcess
• NtCreateThreadEx
• NtYieldExecution
• NtSetDebugFilterState
• Process32FirstW
• Process32NextW
• GetTickCount
• GetTickCount64
• Anti-Anti attach

Build requirements

• MSVC 2019 or higher build tools are required to compile this project.

Credits

• Zydis (Disassembler engine)
• ColdHook (Hooking library)