Ahora57 / Unabomber

Related projects ⓘ

Alternatives and complementary repositories for Unabomber

• BeneficialCode / KReClassEx
  Kernel ReClassEx
  ☆63Updated last year
• nelfo / PGHooker
  PAGE_GUARD based hooking library
  ☆40Updated 2 years ago
• xu-Wan / HypercallPageHook
  POC Hook of nt!HvcallCodeVa
  ☆50Updated last year
• SamuelTulach / MemoryGuard
  Experiment with PAGE_GUARD protection to hide memory from other processes
  ☆39Updated 5 months ago
• mibho / x64dbg-vmp-trace
  unorthodox approach to analyze a trace, but this helped me get comfy with x64 instructions overall (excluding sse/avx/etc lol), cleared u…
  ☆52Updated 9 months ago
• illegal-instruction-co / ThreadIn
  Freeze target threads (external - internal ) by avoiding SuspendThread detections. Or access registers from start address.
  ☆30Updated 8 months ago
• helloobaby / Nmi-Callback
  detect hypervisor with Nmi Callback
  ☆34Updated 2 years ago
• ekknod / efi-monitor
  just proof of concept. hooking MmCopyMemory PG safe.
  ☆63Updated last year
• backengineering / VDM
  Library to manipulate drivers that expose a physical memory read/write primitive.
  ☆21Updated last year
• 1hAck-0 / zeroimport
  ZeroImport is a lightweight and easy to use C++ library for Windows Kernel Drivers. It allows you to hide any import in your kernel drive…
  ☆46Updated last year
• jonomango / chum
  Binary rewriter for 64-bit PE files.
  ☆43Updated 9 months ago
• GetRektBoy724 / KPDB
  Windows PDB parser for kernel-mode environment.
  ☆90Updated last year
• Sentient111 / ClearDriverTraces
  clearing traces of a loaded driver
  ☆44Updated 2 years ago
• gmh5225 / FakeEnclave
  A poc that abuses Enclave
  ☆36Updated 2 years ago
• 0mWindyBug / DataptrHooks
  ntoskrnl .data hooks for UM-KM communication
  ☆34Updated 5 months ago
• backengineering / Voyager
  A Hyper-V Hacking Framework For Windows 10 x64 (AMD & Intel)
  ☆41Updated last year
• weak1337 / CEDetector
  ☆44Updated 2 years ago
• 0mWindyBug / KernelInjector
  PoC kernel to usermode injection
  ☆60Updated 8 months ago
• ekknod / MouseClassServiceCallbackTrick
  ☆49Updated 2 years ago
• i32-Sudo / EfiGuardUsermodeLoader
  This is an EfiGuard BootLoader that can boot EfiGuard from Usermode with no USB or Setup as a Single Executable with automatic File Dumpi…
  ☆31Updated 2 months ago
• KANKOSHEV / Detect-MouseClassServiceCallback
  mouseclassservicecallback detection via hook
  ☆48Updated 2 years ago
• mike1k / ImportCallObfuscator
  Obfuscate calls to imports by patching in stubs
  ☆64Updated 3 years ago
• zer0condition / GDRVLib
  Virtual and physical memory hacking library using gigabyte vulnerable driver
  ☆70Updated last year
• DenuvoSoftwareSolutions / DVRT
  How Meltdown and Spectre haunt Anti-Cheat: DVRT details
  ☆20Updated 3 months ago
• i32-Sudo / SilentFunctionCaller
  Allows for same-file KernelMode function execution using Encrypted addresses of Functions
  ☆24Updated last month
• Hypercall / FakeEye
  A lightweight BattlEye emulator of the launcher
  ☆57Updated 2 years ago
• sodareverse / TDE
  A devirtualization engine for Themida.
  ☆91Updated 8 months ago