Cr4sh / pico_dmaLinks
Autonomous pre-boot DMA attack hardware implant for M.2 slot based on PicoEVB development board
☆98Updated 2 years ago
Alternatives and similar repositories for pico_dma
Users that are interested in pico_dma are comparing it to the libraries listed below
Sorting:
- Windows kernel debugger for Linux hosts running Windows under KVM/QEMU☆106Updated last week
- SMM UEFI module and client for UMD privilege escalation☆64Updated 7 months ago
- uefi diskless persistence technique + OVMF secureboot bypass☆95Updated last year
- bypassing intel txt's tboot integrity checks via coreboot shim☆83Updated 9 months ago
- Abusing exceptions for code execution.☆113Updated 2 years ago
- SMM rootkit similar to LoJax or MosaicRegressor☆143Updated 2 years ago
- The sample DXE runtime driver demonstrating how to program DMA remapping.☆71Updated 2 years ago
- Exploit POC for CVE-2024-36877☆48Updated last year
- Generate a PDB file given the old PDB file and an address mapping☆51Updated 4 months ago
- Simple PoC for a bootkit written as a UEFI Option ROM Driver☆12Updated 3 years ago
- PoC that measures how long it takes the CPU to execute the CPUID instruction and reports if it suspects a VM. Works on both Windows and L…☆26Updated 5 years ago
- alternative smm driver for ryzen motherboards☆179Updated last year
- Example of using Windows Platform Binary Table (WPBT)☆26Updated 2 years ago
- SMM driver/rootkit for platform memory access with R3 <-> R0 <-> R-2 communication.☆113Updated last year
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard☆257Updated 3 years ago
- Sample/PoC Windows kernel driver for detect DMA devices by using Vendor ID and Device ID signatures☆37Updated last year
- HyperDbg's logic analyzer and chip-level hardware debugger☆54Updated last year
- ☆40Updated 3 years ago
- BYOVD: Loading dbk64.sys and grabbing a handle to it☆161Updated 3 years ago
- CMake template for a basic EFI application/bootkit. This library is header-only, there is no EDK2 runtime!).☆79Updated 3 years ago
- Advanced driver monitoring utility.☆217Updated 3 years ago
- Demonstrate calling a kernel function and handle process creation callback against HVCI☆79Updated 3 years ago
- A simple hypervisor demonstrating the use of the Intel VT-rp (redirect protection) technology.☆111Updated last year
- Another UEFI runtime bootkit☆33Updated 2 years ago
- IDA Taskr is a pure Python library for IDA Pro related parallel computing. It lets you use the power of Qt (built-in to IDA!) and Python'…☆30Updated last month
- The Windbg extensions to study Hyper-V on Intel and AMD processors.☆168Updated 4 months ago
- AMD Hypervisor written writh Rust.☆158Updated 2 years ago
- Win64 UEFI Driver-based tool for unrestricted memory R/W☆29Updated 3 years ago
- A Binary Ninja plugin to detect Themida, WinLicense and Code Virtualizer's obfuscated code locations.☆89Updated last year
- Demystifying PatchGuard is a comprehensive analysis of Microsoft's security feature called PatchGuard, which is designed to prevent unaut…☆130Updated 2 years ago