Ahora57 / VMP_UTIL
PoC over some VMP features
☆12Updated 7 months ago
Related projects: ⓘ
- PAGE_GUARD based hooking library☆38Updated 2 years ago
- ☆41Updated this week
- Improved VMP Idea(detect anti-anti-debug tools by bug)☆18Updated last year
- Just check hypervisor in ring0☆13Updated last year
- Library to manipulate drivers that expose a physical memory read/write primitive.☆20Updated last year
- ☆50Updated this week
- Windows PDB parser for kernel-mode environment.☆82Updated last year
- A minimalistic way to spoof return addresses without using exceptions☆14Updated 2 years ago
- Experiment with PAGE_GUARD protection to hide memory from other processes☆31Updated 2 months ago
- POC Hook of nt!HvcallCodeVa☆49Updated last year
- sample bypass anti-anti-debug tool by race condition☆23Updated 2 years ago
- ☆12Updated 2 years ago
- just proof of concept. hooking MmCopyMemory PG safe.☆60Updated 10 months ago
- Freeze target threads (external - internal ) by avoiding SuspendThread detections. Or access registers from start address.☆29Updated 5 months ago
- ☆53Updated this week
- Using c++23 compile-time magic to produce obfuscated PIC strings and arrays.☆10Updated 3 months ago
- Mapping your code on a 0x1000 size page☆66Updated 2 years ago
- KDM Is a driver that will dumps every drivers that got manually mapped with kdmapper.☆48Updated 2 years ago
- Making syscall calls in regions with the SEC_NO_CHANGE flag☆24Updated 2 months ago
- ntoskrnl .data hooks for UM-KM communication☆33Updated 3 months ago
- ☆43Updated 11 months ago
- ☆10Updated this week
- A simple ida python script to find .data ptr☆44Updated last year
- ☆41Updated this week
- ☆46Updated last year
- ☆23Updated this week
- page table manipulation to gain physical r/w☆38Updated 4 months ago
- Visual Studio template for GNU-EFI☆13Updated 2 years ago
- ☆17Updated 2 years ago
- Old way for blocking NMI interrupts☆25Updated 2 years ago