Deputation / kernel_sockets_memory
Kernel-based memory hacking framework communicating with a kernel driver via sockets.
☆85Updated 3 years ago
Related projects: ⓘ
- ShotHv☆116Updated 2 years ago
- a Windows kernel Pdb parsing and downloading library that running purely in kernel mode without any R3 programs.☆108Updated last week
- Some psuedo snippets from BattlEye's BEDaisy.sys loaded on Rainbow Six: Siege.☆116Updated 2 years ago
- This project will give you an example how you can hook a kernel vtable function that cannot be directly called☆78Updated 2 years ago
- ☆155Updated 2 years ago
- 之前学习X64VT写的代码,很多坑,但是大体的逻辑还是完整的。现发出来给更多想学VT的人参考...☆67Updated 3 years ago
- ☆68Updated 2 years ago
- 滥用cow机制进行全局注入☆89Updated 3 years ago
- ☆93Updated this week
- noob hooking dwm for overlay☆71Updated 3 years ago
- ☆60Updated this week
- Shows an example of how to implement VT-d/AMD-Vi on Windows☆74Updated 11 months ago
- A Memory Read And Write the Hide Driver☆63Updated 3 years ago
- 让Etwhook再次伟大! Make InfinityHook Great Again!☆120Updated 3 years ago
- Windows X64 mode use seh in manual mapped dll or manual mapped sys☆63Updated last year
- Kernel driver that uses Shared memory to communicate with UserMode☆81Updated 5 years ago
- Detect-KeAttachProcess by iterating through all processes as well as checking the context of the thread.☆108Updated 2 years ago
- ☆131Updated 2 years ago
- ☆124Updated last year
- A very simple C++ library for download pdb, get rva of function, global variable and offset from struct.☆106Updated 5 months ago
- Static user/kernel mode library that allows access to all functions and global variables by extracting offsets from the PDB☆69Updated last year
- Quick check of NT kernel exported&unexported functions/global variable offset NT内核导出以及未导出函数+全局变量偏移速查☆90Updated last year
- the basic version of the ring0 physical memory read/write tool☆86Updated 5 years ago
- ayy debuger☆87Updated 6 months ago
- ☆62Updated this week
- 不使用3环挂钩进行DWM桌面绘制☆77Updated 2 years ago
- x64 manual mapper using inline syscalls☆6Updated 3 years ago
- ☆145Updated 3 months ago
- x64 free protect Features 1.process/thread handle protect 2.anti taskmgr.exe 3.hide process 4.anti-debugger(user/kernel debugger)☆78Updated 5 years ago
- Example of reading process memory through kernel special APC☆91Updated last year