BeneficialCode / KReClassExLinks
Kernel ReClassEx
☆63Updated last year
Alternatives and similar repositories for KReClassEx
Users that are interested in KReClassEx are comparing it to the libraries listed below
Sorting:
- A basic 100 loc CPU emulator using the existing code of ntoskrnl.exe☆72Updated last year
- Windows PDB parser for kernel-mode environment.☆99Updated last month
- A devirtualization engine for Themida.☆100Updated last year
- unorthodox approach to analyze a trace, but this helped me get comfy with x64 instructions overall (excluding sse/avx/etc lol), cleared u…☆61Updated last year
- A debugger library using VEH.☆62Updated 11 months ago
- POC Hook of nt!HvcallCodeVa☆52Updated 2 years ago
- A simple ida python script to find .data ptr☆51Updated 2 years ago
- Cheat for my own game SecureGame which uses a bootkit to hyperjack Hyper-V in order to access VBS enclave's memory☆64Updated 7 months ago
- Binary rewriter for 64-bit PE files.☆83Updated last year
- A Hyper-V Hacking Framework For Windows 10 x64 (AMD & Intel)☆74Updated last year
- ☆74Updated 2 years ago
- Improved VMP Idea(detect anti-anti-debug tools by bug)☆45Updated 2 years ago
- Create stealthy, inline, EPT-like hooks using SMAP and SMEP☆56Updated 9 months ago
- A x86_64 software emulator☆135Updated this week
- Using MMIO (Memory-Mapped I/O) to read TPM 2.0 public Endorsement Key.☆48Updated last year
- intel vt-x type 2 hypervisor☆56Updated 3 months ago
- Kernel driver for detecting Intel VT-x hypervisors.☆189Updated 2 years ago
- A small tool for rapid enumeration of CPUID, and MSR fields.☆27Updated last year
- Handling C++ & __try exceptions without the need of built-in handlers.☆71Updated 3 years ago
- Custom KiSystemStartup, can be used to modificate kernel before boot.☆52Updated 3 years ago
- ☆24Updated 8 months ago
- A library to assist with memory & code protection.☆60Updated last year
- just proof of concept. hooking MmCopyMemory PG safe.☆77Updated last year
- 🪝 Different approaches for EPT hook detection☆115Updated this week
- Library to manipulate drivers that expose a physical memory read/write primitive.☆29Updated last year
- nmi stackwalking + module verification☆128Updated last year
- C++ library for parsing and manipulating PE files statically and dynamically.☆88Updated last year
- Bypassing EasyAntiCheat.sys self-integrity by abusing call hierarchy☆82Updated 2 years ago
- ☆31Updated 10 months ago
- ☆35Updated 6 months ago