spp-stuff/README.md

# spp-stuff

Collection of random stuff

## Debugging """Guide"""

 - Put machine into testsigning (`bcdedit /set testsigning on`)
 - Install drivers under `drivers/` by running `install.cmd` in each folder
 - Install `sppdebug.reg` to have SPPSvc auto-suspend on startup
 - Use PPLcontrol to set debugger to `PP Windows` protection level
 - Use [ScyllaHide](https://github.com/x64dbg/ScyllaHide/releases/tag/v1.4) with VMProtect profile for debugging
 - Take care to avoid having debugger attached at the end of a [heap execute](https://github.com/WitherOrNot/warbird-docs/blob/main/WarbirdModern.md#heap-executes), or sppsvc will crash with Fast Fail Exception

## Credits

- asdcorp, abbodi, Lyssa - ImHex patterns
- asdcorp - SPP debug setup, `tokens_rebuild_v2.py`
Update README.md 2025-02-13 18:36:44 -05:00			`# spp-stuff`

			`Collection of random stuff`
Update README.md 2025-02-13 18:48:40 -05:00
			`## Debugging """Guide"""`

			- Put machine into testsigning (`bcdedit /set testsigning on`)
			- Install drivers under `drivers/` by running `install.cmd` in each folder
			- Install `sppdebug.reg` to have SPPSvc auto-suspend on startup
			- Use PPLcontrol to set debugger to `PP Windows` protection level
			`- Use [ScyllaHide](https://github.com/x64dbg/ScyllaHide/releases/tag/v1.4) with VMProtect profile for debugging`
			`- Take care to avoid having debugger attached at the end of a [heap execute](https://github.com/WitherOrNot/warbird-docs/blob/main/WarbirdModern.md#heap-executes), or sppsvc will crash with Fast Fail Exception`
Update README.md 2025-02-13 19:00:07 -05:00
			`## Credits`

Update README.md 2025-02-13 19:00:23 -05:00			`- asdcorp, abbodi, Lyssa - ImHex patterns`
			- asdcorp - SPP debug setup, `tokens_rebuild_v2.py`