0mWindyBug / KDP-compatible-driver-loader

Related projects: ⓘ

• emlinhax / dse_hook
  load unsigned kernel-driver by patching dse in 248 lines
  ☆96Updated 5 months ago
• KameronHawk / Kernel-VAD-Injector
  Windows 10 DLL Injector via Driver utilizing VAD and hiding the loaded driver
  ☆140Updated last year
• 0mWindyBug / GhostMapperUM
  manual map unsigned driver over signed memory
  ☆152Updated 5 months ago
• jonomango / nohv
  Kernel driver for detecting Intel VT-x hypervisors.
  ☆167Updated last year
• ekknod / acdrv
  base for testing
  ☆146Updated this week
• Deputation / instrumentation_callbacks
  A proof of concept demonstrating instrumentation callbacks on Windows 10 21h1 with a TLS variable to ensure all syscalls are caught.
  ☆111Updated 2 years ago
• cutecatsandvirtualmachines / SKLib
  Standard Kernel Library for Windows hacking in C++
  ☆57Updated last month
• MmMapIoSpace / UCMapper
  Unknowncheats Magically Optimized Tidy Mapper using nvaudio
  ☆91Updated 3 months ago
• EBalloon / Rw-No-Attach
  ☆145Updated 3 months ago
• donnaskiez / nmi
  nmi stackwalking + module verification
  ☆78Updated 8 months ago
• SamuelTulach / RwxMeme
  State of the art DLL injector that took 20 minutes to make
  ☆195Updated last year
• estimated1337 / lenovo_mapper
  driver manual mapper powered by https://github.com/estimated1337/lenovo_exec
  ☆100Updated last year
• not-wlan / driver-hijack
  ☆150Updated 4 years ago
• Deputation / hygieia
  Hygieia, a vulnerable driver traces scanner written in C++ as an x64 Windows kernel driver.
  ☆133Updated 2 years ago
• armvirus / CosMapper
  Loads a signed kernel driver which allows you to map any driver to kernel mode without any traces of the signed / mapped driver.
  ☆260Updated 3 years ago
• hypervisor / kli
  Kernel Lazy Importer
  ☆107Updated 5 months ago
• KANKOSHEV / Detect-KeAttachProcess
  Detect-KeAttachProcess by iterating through all processes as well as checking the context of the thread.
  ☆108Updated 2 years ago
• VollRagm / lpmapper
  A mapper that maps shellcode into loaded large page drivers
  ☆215Updated 2 years ago
• zer0condition / Demystifying-PatchGuard
  Demystifying PatchGuard is a comprehensive analysis of Microsoft's security feature called PatchGuard, which is designed to prevent unaut…
  ☆100Updated last year
• zer0condition / GDRVLib
  Virtual and physical memory hacking library using gigabyte vulnerable driver
  ☆69Updated last year
• Oliver-1-1 / GhostMapper
  ☆212Updated last week
• Vasie1337 / Kernel-Anticheat
  Check your detection vectors
  ☆132Updated last year
• NullTerminatorr / NullHook
  Kernel driver that .text hooks a syscall in dxgkrnl.sys which can be called from our user-mode client to send instructions like rpm/wpm a…
  ☆129Updated last year
• weak1337 / NO_ACCESS_Protection
  ☆173Updated 2 years ago
• 4l3x777 / dse_pg_bypass
  DSE & PG bypass via BYOVD attack
  ☆34Updated 5 months ago
• SamuelTulach / DirectPageManipulation
  A basic demonstration of directly overwriting paging structures for physical memory r/w and interprocess memory copy
  ☆75Updated last year
• SDXT / MMInject
  Kernel DLL Injector using NX Bit Swapping and VAD hide for hiding injected DLL
  ☆188Updated 3 years ago
• oakboat / RTCore64_Vulnerability
  Use RTCore64 to map your driver on windows 11.
  ☆90Updated 5 months ago
• Sentient111 / KernelDrawing
  Drawing from kernelmode without any hooks
  ☆154Updated 2 years ago
• gmh5225 / CallMeWin32kDriver
  Load your driver like win32k.sys
  ☆242Updated 2 years ago