Cr4sh / pico_dmaLinks
Autonomous pre-boot DMA attack hardware implant for M.2 slot based on PicoEVB development board
☆92Updated last year
Alternatives and similar repositories for pico_dma
Users that are interested in pico_dma are comparing it to the libraries listed below
Sorting:
- Windows kernel debugger for Linux hosts running Windows under KVM/QEMU☆96Updated 3 months ago
- SMM UEFI module and client for UMD privilege escalation☆59Updated 3 months ago
- uefi diskless persistence technique + OVMF secureboot bypass☆92Updated last year
- Abusing exceptions for code execution.☆112Updated 2 years ago
- Sample/PoC Windows kernel driver for detect DMA devices by using Vendor ID and Device ID signatures☆35Updated 11 months ago
- BYOVD: Loading dbk64.sys and grabbing a handle to it☆158Updated 3 years ago
- A simple hypervisor demonstrating the use of the Intel VT-rp (redirect protection) technology.☆111Updated last year
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard☆253Updated 3 years ago
- SMM rootkit similar to LoJax or MosaicRegressor☆135Updated last year
- bypassing intel txt's tboot integrity checks via coreboot shim☆81Updated 6 months ago
- The Windbg extensions to study Hyper-V on Intel and AMD processors.☆164Updated 3 weeks ago
- Compact MBR Bootkit for Windows☆54Updated 3 years ago
- Exploit POC for CVE-2024-36877☆47Updated last year
- CMake template for a basic EFI application/bootkit. This library is header-only, there is no EDK2 runtime!).☆79Updated 3 years ago
- Example of using Windows Platform Binary Table (WPBT)☆23Updated 2 years ago
- HyperDbg's logic analyzer and chip-level hardware debugger☆55Updated last year
- Another UEFI runtime bootkit☆31Updated 2 years ago
- PoC that measures how long it takes the CPU to execute the CPUID instruction and reports if it suspects a VM. Works on both Windows and L…☆26Updated 5 years ago
- alternative smm driver for ryzen motherboards☆169Updated 11 months ago
- Generate a PDB file given the old PDB file and an address mapping☆49Updated last month
- The sample DXE runtime driver demonstrating how to program DMA remapping.☆62Updated last year
- Demystifying PatchGuard is a comprehensive analysis of Microsoft's security feature called PatchGuard, which is designed to prevent unaut…☆129Updated 2 years ago
- Simple Intel VT-x type-2 hypervisor for 64-bit Linux.☆19Updated 5 years ago
- Demonstrate calling a kernel function and handle process creation callback against HVCI☆73Updated 2 years ago
- A Windows executable (PE) packer (x64) with LZMA compression and with full TLS (Thread Local Storage) support☆76Updated 3 months ago
- Provides commands to read from and write to arbitrary kernel-mode memory for users with the Administrator privilege. HVCI compatible. No …☆21Updated last year
- A Binary Ninja plugin to detect Themida, WinLicense and Code Virtualizer's obfuscated code locations.☆82Updated last year
- SMM driver/rootkit for platform memory access with R3 <-> R0 <-> R-2 communication.☆94Updated 11 months ago
- A list of awesome resources about HyperDbg☆74Updated this week
- WinLicense key extraction via Intel PIN☆102Updated last year