4l3x777 / dse_pg_bypass
DSE & PG bypass via BYOVD attack
☆43Updated 11 months ago
Alternatives and similar repositories for dse_pg_bypass:
Users that are interested in dse_pg_bypass are comparing it to the libraries listed below
- Demystifying PatchGuard is a comprehensive analysis of Microsoft's security feature called PatchGuard, which is designed to prevent unaut…☆116Updated last year
- A simple tool to assemble shellcode ready to be copy-pasted into code☆68Updated 2 years ago
- nmi stackwalking + module verification☆107Updated last year
- Windows PDB parser for kernel-mode environment.☆95Updated 2 years ago
- Compileable POC of namazso's x64 return address spoofer.☆51Updated 4 years ago
- POC Hook of nt!HvcallCodeVa☆49Updated last year
- ntoskrnl .data hooks for UM-KM communication☆36Updated 9 months ago
- Freeze target threads (external - internal ) by avoiding SuspendThread detections. Or access registers from start address.☆31Updated 11 months ago
- ☆40Updated 3 years ago
- ZeroImport is a lightweight and easy to use C++ library for Windows Kernel Drivers. It allows you to hide any import in your kernel drive…☆48Updated last year
- Tool to dump EFI runtime drivers.☆35Updated last year
- Unknowncheats Magically Optimized Tidy Mapper using nvaudio☆117Updated 9 months ago
- ☆10Updated 2 years ago
- spoof return address☆73Updated last year
- TS-Changer - Forces the machine in/out of TestSigning Mode at runtime.☆65Updated last year
- Kernel ReClassEx☆65Updated last year
- Hiding a system thread against conventional means of detection☆39Updated 4 years ago
- Kernel driver for detecting Intel VT-x hypervisors.☆176Updated last year
- manual map unsigned driver over signed memory☆186Updated 11 months ago
- Virtual and physical memory hacking library using gigabyte vulnerable driver☆70Updated last year
- ☆52Updated 2 years ago
- Experiment with PAGE_GUARD protection to hide memory from other processes☆45Updated 8 months ago
- ☆44Updated last month
- ☆73Updated 10 months ago
- PAGE_GUARD based hooking library☆42Updated 2 years ago
- Translate virtual addresses to physical addresses from usermode.☆36Updated 9 months ago
- CVE-2022-3699 with arbitrary kernel code execution capability☆68Updated 2 years ago
- Achieve arbitrary kernel read/writes/function calling in Hypervisor-Protected Code Integrity (HVCI) protected environments calling withou…☆192Updated 4 months ago
- hidden_syscall - syscaller without using syscall instruction in code☆60Updated 2 years ago