1401199262 / Hook-KdTrap
☆180Updated last year
Related projects: ⓘ
- r/w virtual memory without attach☆144Updated 11 months ago
- ☆131Updated 2 years ago
- ☆155Updated last year
- Windows 10 DLL Injector via Driver utilizing VAD and hiding the loaded driver☆140Updated last year
- ☆155Updated 2 years ago
- Kernel DLL Injector using NX Bit Swapping and VAD hide for hiding injected DLL☆188Updated 3 years ago
- Kernel dwm render☆120Updated 11 months ago
- 从MmPfnData中枚举进程和页目录基址☆121Updated last year
- a Windows kernel Pdb parsing and downloading library that running purely in kernel mode without any R3 programs.☆108Updated last week
- ☆114Updated 11 months ago
- base for testing☆146Updated this week
- ☆145Updated 3 months ago
- etw hook (syscall/infinity hook) compatible with the latest Windows version of PG☆186Updated 4 months ago
- Loads a signed kernel driver which allows you to map any driver to kernel mode without any traces of the signed / mapped driver.☆260Updated 3 years ago
- Unknowncheats Magically Optimized Tidy Mapper using nvaudio☆91Updated 3 months ago
- Standard Kernel Library for Windows hacking in C++☆57Updated last month
- ☆124Updated last year
- load unsigned kernel-driver by patching dse in 248 lines☆96Updated 5 months ago
- A mapper that maps shellcode into loaded large page drivers☆215Updated 2 years ago
- Easy Anti PatchGuard☆212Updated 3 years ago
- Check your detection vectors☆132Updated last year
- Detect-KeAttachProcess by iterating through all processes as well as checking the context of the thread.☆108Updated 2 years ago
- Manual mapper that uses PTE manipulation, Virtual Address Descriptor (VAD) manipulation, and forceful memory allocation to hide executabl…☆279Updated 2 years ago
- Shows an example of how to implement VT-d/AMD-Vi on Windows☆74Updated 11 months ago
- A proof of concept demonstrating instrumentation callbacks on Windows 10 21h1 with a TLS variable to ensure all syscalls are caught.☆111Updated 2 years ago
- This project migrated to https://github.com/backengineering/llvm-msvc☆140Updated last year
- Load your driver like win32k.sys☆242Updated 2 years ago
- Hygieia, a vulnerable driver traces scanner written in C++ as an x64 Windows kernel driver.☆133Updated 2 years ago
- 09/2021 reversal of EasyAntiCheat driver☆194Updated 2 years ago
- manual map unsigned driver over signed memory☆152Updated 5 months ago