hypervisor enforced patch protection for the linux kernel with xen + libvmi, libvmi KASLR offset spoofer
☆34 · Apr 22, 2024 · Updated last year
Alternatives and similar repositories for hvICE
Users that are interested in hvICE are comparing it to the libraries listed below
- uefi diskless persistence technique + OVMF secureboot bypass ☆95 · Apr 22, 2024 · Updated last year
- Golang Command & Control Server For Managing And Remote Accessing Machines Via Web Interface ☆13 · Apr 13, 2023 · Updated 2 years ago
- Rootkit breaker - experimental Linux anti-rootkit tool based on kprobes ☆12 · Sep 30, 2020 · Updated 5 years ago
- A custom ELF linker/loader for installing ET_REL binary patches at runtime ☆197 · Feb 13, 2026 · Updated 2 weeks ago
- Basic Linux binary shim method on the passwd binary from the shadow package to steal credentials as they are changed. ☆14 · Nov 14, 2024 · Updated last year
- Memory management is one of the most important parts of the operating system. KSM (Kernel Samepage Merging) in Linux kernel is a kind of… ☆13 · Apr 8, 2018 · Updated 7 years ago
- Windows driver utils ☆17 · Dec 8, 2014 · Updated 11 years ago
- ☆13 · Jul 31, 2020 · Updated 5 years ago
- Microsoft Windows real-time file integrity monitoring and filtering using minifilter technology; this was my university final project ☆11 · Oct 17, 2014 · Updated 11 years ago
- Linux Kernel Module Rootkit with module hiding, RCE/reverse shell, and persistence capabilities ☆15 · Feb 23, 2023 · Updated 3 years ago
- This is my own programming language called fluffy (similar to python) ☆13 · Apr 12, 2020 · Updated 5 years ago
- Linux Sleep Obfuscation ☆112 · Jan 7, 2024 · Updated 2 years ago
- x86 virtualization study notes using Intel VT-x ☆22 · Jan 3, 2014 · Updated 12 years ago
- automates exploits using ROP chains, using ntdll-scraper ☆16 · May 26, 2022 · Updated 3 years ago
- Bare Knuckled AV Breaking ☆58 · Aug 30, 2018 · Updated 7 years ago
- bypassing intel txt's tboot integrity checks via coreboot shim ☆83 · Mar 15, 2025 · Updated 11 months ago
- idb2pat plugin, fixed to work with IDA 6.2 ☆23 · Oct 8, 2011 · Updated 14 years ago
- ☆21 · Jan 24, 2016 · Updated 10 years ago
- ☆48 · Jun 30, 2020 · Updated 5 years ago
- a kernel mode solution for detecting and preventing malicious thread creation in a target process ☆22 · Jan 13, 2026 · Updated last month
- Stealthy Injector that leverages a vulnerable driver and other exploits to remain undetected ☆37 · Dec 10, 2018 · Updated 7 years ago
- AMD SVM hypervisor rootkit proof of concept ☆49 · Sep 23, 2023 · Updated 2 years ago
- ☆23 · May 8, 2023 · Updated 2 years ago
- ☆23 · Mar 6, 2023 · Updated 2 years ago
- HEVD Multi-Exploit by m_101 ☆23 · Jun 24, 2018 · Updated 7 years ago
- A WDM Windows driver to issue IO to storage devices with asynchronous multithreaded processing ☆21 · Aug 28, 2016 · Updated 9 years ago
- Ida Pro debugger module for Playstation 3 ☆48 · Sep 14, 2022 · Updated 3 years ago
- A pcap capture analysis helper ☆25 · Aug 30, 2023 · Updated 2 years ago
- LLDB based debugger for Linux Kernel ☆28 · Apr 5, 2025 · Updated 10 months ago
- reverse engineering of the windows nt kernel debugger protocol & reimplementation. ☆36 · Jul 2, 2024 · Updated last year
- HTTP/HTTPS/DNS inspector (windows driver) ☆27 · Feb 20, 2019 · Updated 7 years ago
- Listens for Firewall rule match events generated by Microsoft Hyper-V Virtual Filter Protocol (VFP) extension. ☆31 · Jan 26, 2021 · Updated 5 years ago
- Disassembler for Zeus VM custom instruction set ☆31 · Feb 12, 2024 · Updated 2 years ago
- Pipe monitor, similar to tools like spyxx, generally used to monitor a target process's system calls. Keywords: detours+piep ☆23 · Feb 26, 2014 · Updated 12 years ago
- Very very useful example of loading and relocating the (Win32) DLL from memory (!) which allows many possibilities and much more flexibil… ☆20 · Jan 2, 2013 · Updated 13 years ago
- HelloAmdHvPkg is a type-1 research hypervisor for AMD processors. ☆106 · Jun 28, 2020 · Updated 5 years ago
- The Windbg extensions to study Hyper-V on Intel and AMD processors. ☆171 · Feb 10, 2026 · Updated 3 weeks ago
- This is a POC for loading shared object directly from memory without accessing the actual Linux file system. ☆22 · Jan 2, 2021 · Updated 5 years ago
- WinDbg Copilot - Agentic Debugging extension ☆66 · Feb 21, 2026 · Updated last week