Simple Intel VT code supporting both x86 and x64. PatchGuard monitor.
☆77 · Oct 28, 2021 · Updated 4 years ago
Alternatives and similar repositories for Daat
Users that are interested in Daat are comparing it to the libraries listed below
- A C++ syscall ID extractor for Windows. Developed, debugged and tested on 20H2. ☆21 · May 25, 2021 · Updated 4 years ago
- Windows Server 2K3 NT 5 ☆12 · Apr 14, 2021 · Updated 4 years ago
- Intel-VT-x/Hook Msr Build and Replace System Server Description Table. ☆17 · Mar 14, 2025 · Updated 11 months ago
- Analysing and defeating PatchGuard universally ☆36 · Nov 4, 2020 · Updated 5 years ago
- ☆125 · May 23, 2020 · Updated 5 years ago
- Experiment to use sections as User/Kernelmode comm vector ☆22 · Apr 7, 2023 · Updated 2 years ago
- ☆116 · Oct 1, 2019 · Updated 6 years ago
- Kernel DLL Injector using NX Bit Swapping and VAD hide for hiding injected DLL ☆219 · Nov 12, 2020 · Updated 5 years ago
- Some garbage drivers written for getting started ☆65 · Dec 31, 2019 · Updated 6 years ago
- win10 pgContext dynamic dump (btc version) ☆110 · Jan 15, 2020 · Updated 6 years ago
- The Kernel-Mode Winsock library, supporting TCP, UDP and Unix sockets (DGRAM and STREAM). ☆284 · Jan 27, 2025 · Updated last year
- Page fault hook using EPT (Intel Virtualization Technology) ☆200 · Oct 19, 2016 · Updated 9 years ago
- Global DLL injector ☆71 · May 16, 2021 · Updated 4 years ago
- x64 Windows privilege elevation using anycall ☆22 · May 28, 2021 · Updated 4 years ago
- A native hypervisor designed for the Windows operating system ☆125 · Mar 6, 2021 · Updated 4 years ago
- Open course for diving into security internals ☆52 · Nov 11, 2019 · Updated 6 years ago
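- Lightweight platform for automatically analyzing the call context of malware and the techniques used to implement game anti-debugging ☆100 · Jun 21, 2020 · Updated 5 years ago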
- ☆14 · Mar 8, 2019 · Updated 6 years ago
- ☆15 · Mar 13, 2023 · Updated 2 years ago
- An example code of CiGetCertPublisherName ☆17 · Mar 24, 2022 · Updated 3 years ago
- An Ark tool project, runs on Win7 x86/x64 ☆118 · Jul 11, 2017 · Updated 8 years ago
- windows kernel pagehook ☆42 · Oct 30, 2022 · Updated 3 years ago
- Windows Kernel Driver - Create a driver device in TDI layer of windows kernel to capture network data packets ☆36 · Jul 21, 2014 · Updated 11 years ago
- Detect removed thread from PspCidTable. ☆75 · Mar 18, 2022 · Updated 3 years ago
- ☆223 · Mar 11, 2023 · Updated 2 years ago
- Intel learning hypervisor and some extended functions ☆23 · Aug 23, 2025 · Updated 6 months ago
- Simple Demo of using Windows Hypervisor Platform ☆29 · Jul 14, 2025 · Updated 7 months ago
- For Example. See Miro's Blog ☆30 · Nov 26, 2022 · Updated 3 years ago
- A cheat kernel communication module I improved a while back; it is now detected by EAC, so I am releasing it now ☆55 · Jul 24, 2021 · Updated 4 years ago
- x64 Windows kernel code execution via user-mode, arbitrary syscall, vulnerable IOCTLs demonstration ☆388 · Jul 6, 2022 · Updated 3 years ago
- CallMon is an experimental system call monitoring tool that works on Windows 10 versions 2004+ using PsAltSystemCallHandlers ☆145 · Sep 5, 2020 · Updated 5 years ago
- Example of reading process memory through kernel special APC ☆111 · Apr 21, 2023 · Updated 2 years ago
- ayy debugger ☆89 · Mar 3, 2024 · Updated 2 years ago
- Analyze Windows x64 Kernel Memory Layout ☆129 · Nov 19, 2020 · Updated 5 years ago
- Windows Kernel Driver with C++ runtime ☆181 · Sep 26, 2020 · Updated 5 years ago
- Windows Server 2K3 NT 5 ☆12 · Apr 17, 2021 · Updated 4 years ago
- A dll injector static library for Win x64 processes with handle elevation supported ☆12 · Mar 28, 2021 · Updated 4 years ago
- Panda - is a set of utilities used to research how PsExec encrypts its traffic. ☆12 · Apr 20, 2021 · Updated 4 years ago
- Hook NtDeviceIoControlFile with PatchGuard ☆107 · May 10, 2022 · Updated 3 years ago