Ahora57 / Unabomber
Improved VMP Idea(detect anti-anti-debug tools by bug)
☆41Updated last year
Alternatives and similar repositories for Unabomber:
Users that are interested in Unabomber are comparing it to the libraries listed below
- Kernel ReClassEx☆65Updated last year
- Library to manipulate drivers that expose a physical memory read/write primitive.☆24Updated last year
- PAGE_GUARD based hooking library☆42Updated 2 years ago
- Experiment with PAGE_GUARD protection to hide memory from other processes☆44Updated 8 months ago
- Freeze target threads (external - internal ) by avoiding SuspendThread detections. Or access registers from start address.☆32Updated last year
- ntoskrnl .data hooks for UM-KM communication☆37Updated 9 months ago
- POC Hook of nt!HvcallCodeVa☆50Updated last year
- ☆46Updated 3 years ago
- unorthodox approach to analyze a trace, but this helped me get comfy with x64 instructions overall (excluding sse/avx/etc lol), cleared u…☆57Updated last year
- ☆29Updated 5 months ago
- Symbolic Execution based on lifting amd64 to z3☆26Updated 8 months ago
- A basic 100 loc CPU emulator using the existing code of ntoskrnl.exe☆71Updated last year
- A Hyper-V Hacking Framework For Windows 10 x64 (AMD & Intel)☆51Updated last year
- A poc that abuses Enclave☆37Updated 2 years ago
- ☆71Updated 2 years ago
- This is a POC Test project for INTEL CPUs on blocking NMI Entries through the IDT Handler.☆39Updated 5 months ago
- Kernel Level NMI Callback Blocker☆74Updated 6 months ago
- Driver shared section communication☆44Updated this week
- Expanding Kernel Lazy Importer☆30Updated 2 years ago
- C/C++ antidebugging library for Windows☆17Updated 2 months ago
- KDM Is a driver that will dumps every drivers that got manually mapped with kdmapper.☆53Updated 2 years ago
- just proof of concept. hooking MmCopyMemory PG safe.☆69Updated last year
- This is an EfiGuard BootLoader that can boot EfiGuard from Usermode with no USB or Setup as a Single Executable with automatic File Dumpi…☆47Updated 6 months ago
- A simple MmCopyMemory hook.☆36Updated 2 years ago
- A devirtualization engine for Themida.☆97Updated last year
- Discarded Section Manual Map☆65Updated 4 years ago
- mouseclassservicecallback detection via hook☆49Updated 3 years ago
- Obfuscate calls to imports by patching in stubs☆67Updated 3 years ago
- x64 Windows implementation of virtual-address to physical-address translation☆40Updated 3 years ago
- PointerGuard is a proof-of-concept tool used to create 'guarded' pointers which disguise pointer addresses, monitor reads/writes, and pre…☆52Updated 2 years ago