0mWindyBug / FileHide
filter driver to hide files and directories
☆20Updated last year
Alternatives and similar repositories for FileHide:
Users that are interested in FileHide are comparing it to the libraries listed below
- a windows kernel keylogger that works☆20Updated last year
- a driver to enumerate registered pnp callbacks for a particular interface class based on reversal of IoRegisterPlugPlayNotification☆11Updated last year
- silence file system monitoring components by hooking their minifilters☆56Updated last year
- Patches DSE by swapping both data ptrs located in SeValidateImageHeader && SeValidateImageData☆19Updated last year
- Hijack NotifyRoutine for a kernelmode thread☆41Updated 2 years ago
- direct systemcalls with a modern c++20 interface.☆42Updated 2 years ago
- Disk based DMA for ATA and SCSI☆23Updated last year
- Experiment to use sections as User/Kernelmode comm vector☆22Updated 2 years ago
- Using c++23 compile-time magic to produce obfuscated PIC strings and arrays.☆21Updated 10 months ago
- Compile-Time Strings and Numbers Encryption for C++20☆43Updated 2 months ago
- This is a POC Test project for INTEL CPUs on blocking NMI Entries through the IDT Handler.☆44Updated 6 months ago
- Bypassing kernel patch protection runtime☆20Updated 2 years ago
- ☆13Updated 4 years ago
- ☆22Updated last year
- Protected Process Light Library☆18Updated 4 years ago
- Elevate arbitrary MSR writes to kernel execution.☆33Updated last year
- Windows driver template, using C++20 & cmake & GithubActions☆22Updated 8 months ago
- Allows for same-file KernelMode function execution using Encrypted addresses of Functions☆34Updated 6 months ago
- A poc that abuses Enclave☆38Updated 2 years ago
- Compileable POC of namazso's x64 return address spoofer.☆51Updated 4 years ago
- Compile-Time Calls Obfuscator for C++14+☆43Updated last year
- ZeroImport is a lightweight and easy to use C++ library for Windows Kernel Drivers. It allows you to hide any import in your kernel drive…☆48Updated 2 years ago
- ☆24Updated last year
- ☆29Updated 6 months ago
- Using ioctl major function swaps to "spoof" the ARP table☆16Updated 7 months ago
- detect hypervisor with Nmi Callback☆34Updated 2 years ago
- x64 assembler library☆31Updated 10 months ago
- A method to Disable DSE using .data ptr hooks☆29Updated last year
- A simple present scene, kernel allocation injector.☆24Updated 2 years ago
- Protect a process from code injection, termination and hooking☆46Updated 3 years ago