ByteWhite1x1 / Driver-DKOMLinks
An advanced DKOM for drivers with "DRIVER_OBJECT"
☆19Updated 2 years ago
Alternatives and similar repositories for Driver-DKOM
Users that are interested in Driver-DKOM are comparing it to the libraries listed below
Sorting:
- ☆32Updated 3 years ago
- UM-KM Communication using registry callbacks☆40Updated 5 years ago
- Freeze target threads (external - internal ) by avoiding SuspendThread detections. Or access registers from start address.☆33Updated last year
- A simple MmCopyMemory hook.☆37Updated 3 years ago
- 将驱动映射到会话空间☆35Updated 2 years ago
- ☆53Updated 2 years ago
- A basic demonstration of directly overwriting paging structures for physical memory r/w and interprocess memory copy☆96Updated 2 years ago
- POC Hook of nt!HvcallCodeVa☆52Updated 2 years ago
- Hiding a system thread against conventional means of detection☆41Updated 4 years ago
- Old way for blocking NMI interrupts☆27Updated 2 years ago
- Mapping your code on a 0x1000 size page☆72Updated 3 years ago
- POC kernel driver with hidden system thread☆14Updated last year
- Virtual and physical memory hacking library using gigabyte vulnerable driver☆71Updated 2 years ago
- ☆55Updated 2 years ago
- Achieving code execution through abusing vectored exception handling☆17Updated 2 years ago
- just proof of concept. hooking MmCopyMemory PG safe.☆77Updated last year
- ☆41Updated 2 years ago
- Discarded Section Manual Map☆69Updated 5 years ago
- ☆42Updated 3 years ago
- A method to Disable DSE using .data ptr hooks☆33Updated last year
- Old project (2020) reformed. Modifies gRT->GetVariable sub function from EFI_APPLICATION. Tested on Win10 22H2 (AMD).☆51Updated last year
- clearing traces of a loaded driver☆49Updated 3 years ago
- ☆83Updated last year
- ☆26Updated 8 months ago
- ☆31Updated 10 months ago
- POC Windows kernel driver that spoofs threads for NMI callbacks on x86-64.☆23Updated 4 months ago
- search for a driver/dll module that has a wanted section bigger than the size of your image☆20Updated 3 years ago
- Allows for same-file KernelMode function execution using Encrypted addresses of Functions☆42Updated 9 months ago
- communicate with kernel using a image on disk☆16Updated last year
- ☆15Updated 4 years ago