silence file system monitoring components by hooking their minifilters
☆61Jan 31, 2024Updated 2 years ago
Alternatives and similar repositories for MinifilterHook
Users that are interested in MinifilterHook are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- filter driver to hide files and directories☆25Feb 12, 2024Updated 2 years ago
- a windows kernel keylogger that works☆20Feb 12, 2024Updated 2 years ago
- KDP compatible unsigned driver loader leveraging a write primitive in one of the IOCTLs of gdrv.sys☆167Jun 14, 2024Updated last year
- Windows file system driver which allows to block access to files at run-time (C/C++, C#, WDK, SDK)☆13Jan 1, 2023Updated 3 years ago
- 正确解析 _HEAP_VS_***符号 ,支持在最新win11 24h2 运行,替换windbg自带的!pool命令☆17Nov 30, 2024Updated last year
- NordVPN Special Discount Offer • AdSave on top-rated NordVPN 1 or 2-year plans with secure browsing, privacy protection, and support for for all major platforms.
- Proof of Concept Kernel-User Communication using System Thread.☆14Sep 24, 2023Updated 2 years ago
- A Practical example of ELAM (Early Launch Anti-Malware)☆36Nov 12, 2021Updated 4 years ago
- PoC kernel to usermode injection☆109Feb 26, 2024Updated 2 years ago
- Just an example of a well-known technique to detect memory tampering via Windows Working Sets.☆18Jan 15, 2022Updated 4 years ago
- Hooking Heavens Gate in a weekend☆13Jan 1, 2022Updated 4 years ago
- Custom KiSystemStartup, can be used to modificate kernel before boot.☆53Apr 7, 2022Updated 3 years ago
- DUQU MALWARE SOURCE + BINARY + More coming☆13Feb 6, 2023Updated 3 years ago
- Freeze target threads (external - internal ) by avoiding SuspendThread detections. Or access registers from start address.☆35Mar 23, 2024Updated 2 years ago
- just proof of concept. hooking MmCopyMemory PG safe.☆85Nov 13, 2023Updated 2 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- ☆11Jun 24, 2024Updated last year
- ☆33Dec 22, 2020Updated 5 years ago
- BadExclusions is a tool to identify folder custom or undocumented exclusions on AV/EDR☆21Feb 8, 2024Updated 2 years ago
- Abusing nvidia driver (nvoclock.sys) for physical/virtual memory and control register manipulation.☆280Mar 16, 2026Updated last week
- Self delete DLL (2)☆14Feb 15, 2024Updated 2 years ago
- Technion CS Ransomware Project: Writing Windows Mini-Filter Driver to protect PC from Ransomware☆37Feb 11, 2021Updated 5 years ago
- Detect removed thread from PspCidTable.☆75Mar 18, 2022Updated 4 years ago
- Manual mapper that uses PTE manipulation, Virtual Address Descriptor (VAD) manipulation, and forceful memory allocation to hide executabl…☆388Jan 29, 2022Updated 4 years ago
- CVE-2022-3699 with arbitrary kernel code execution capability☆70Dec 27, 2022Updated 3 years ago
- End-to-end encrypted cloud storage - Proton Drive • AdSpecial offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
- Recursive and arbitrary code execution at kernel-level without a system thread creation☆159Mar 16, 2026Updated last week
- Windows NT port of 'Main is usually a function. So then when is it not?'☆27Mar 11, 2024Updated 2 years ago
- Loads a signed kernel driver which allows you to map any driver to kernel mode without any traces of the signed / mapped driver.☆389Aug 8, 2021Updated 4 years ago
- some AV / EDR / analysis studies☆10May 21, 2023Updated 2 years ago
- windows kernel pagehook☆42Oct 30, 2022Updated 3 years ago
- POC about how to prevent windbg break☆15Oct 3, 2022Updated 3 years ago
- 将驱动映射到会话空间☆38Aug 27, 2022Updated 3 years ago
- manual map unsigned driver over signed memory☆222Apr 11, 2024Updated last year
- Implementation of an export address table protection mitigation, like Export Address Filtering (EAF)☆115May 21, 2023Updated 2 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
- ☆48Jul 7, 2024Updated last year
- Dangling COM Keys Finder☆17Nov 16, 2021Updated 4 years ago
- PoC exploit for HP Hardware Diagnostic's EtdSupp driver☆51May 13, 2023Updated 2 years ago
- ☆17Apr 18, 2023Updated 2 years ago
- Experiment to use sections as User/Kernelmode comm vector☆22Apr 7, 2023Updated 2 years ago
- Record & prevent file deletion in kernel mode☆46Jul 22, 2020Updated 5 years ago
- What makes it page☆17Aug 24, 2022Updated 3 years ago