Ahora57 / VMP_UTILLinks
PoC over some VMP features
☆23Updated 2 months ago
Alternatives and similar repositories for VMP_UTIL
Users that are interested in VMP_UTIL are comparing it to the libraries listed below
Sorting:
- ☆35Updated 3 years ago
- Library to manipulate drivers that expose a physical memory read/write primitive.☆29Updated 2 years ago
- Detect suspend you process☆13Updated 2 years ago
- Kernel ReClassEx☆64Updated last year
- A basic 100 loc CPU emulator using the existing code of ntoskrnl.exe☆72Updated 2 years ago
- POC Windows kernel driver that spoofs threads for NMI callbacks on x86-64.☆23Updated 6 months ago
- ☆26Updated 11 months ago
- A simple ida python script to find .data ptr☆51Updated 2 years ago
- just proof of concept. hooking MmCopyMemory PG safe.☆75Updated last year
- ☆82Updated last year
- Freeze target threads (external - internal ) by avoiding SuspendThread detections. Or access registers from start address.☆34Updated last year
- ☆72Updated 3 years ago
- Runtime Hyper-V Hijacking with DDMA☆62Updated last month
- PointerGuard is a proof-of-concept tool used to create 'guarded' pointers which disguise pointer addresses, monitor reads/writes, and pre…☆52Updated 3 years ago
- Just check hypervisor in ring0☆16Updated 2 years ago
- A lightweight BattlEye emulator of the launcher☆60Updated 3 years ago
- ☆58Updated 3 years ago
- ☆22Updated 3 years ago
- A library to assist with memory & code protection.☆64Updated last year
- Discarded Section Manual Map☆68Updated 5 years ago
- A basic demonstration of directly overwriting paging structures for physical memory r/w and interprocess memory copy☆96Updated 2 years ago
- Improved VMP Idea(detect anti-anti-debug tools by bug)☆46Updated 2 years ago
- Handling C++ & __try exceptions without the need of built-in handlers.☆72Updated 4 years ago
- ☆82Updated 2 years ago
- A Windows Direct Syscall Library☆49Updated 5 months ago
- Kernel Level NMI Callback Blocker☆123Updated last week
- Modmap updated to work on Windows 11☆28Updated 4 years ago
- Old project (2020) reformed. Modifies gRT->GetVariable sub function from EFI_APPLICATION. Tested on Win10 22H2 (AMD).☆54Updated last year
- This is an EfiGuard BootLoader that can boot EfiGuard from Usermode with no USB or Setup as a Single Executable with automatic File Dumpi…☆59Updated last week
- An advanced DKOM for drivers with "DRIVER_OBJECT"☆20Updated 2 years ago