Deputation / kernel_sockets_memory

Related projects: ⓘ

• qq1045551070 / ShotHv
  ShotHv
  ☆116Updated 2 years ago
• Oxygen1a1 / oxgenPdb
  a Windows kernel Pdb parsing and downloading library that running purely in kernel mode without any R3 programs.
  ☆108Updated last week
• crtdll / bedaisy-reversal
  Some psuedo snippets from BattlEye's BEDaisy.sys loaded on Rainbow Six: Siege.
  ☆116Updated 2 years ago
• UCFoxi / VTableKFunctionHook
  This project will give you an example how you can hook a kernel vtable function that cannot be directly called
  ☆78Updated 2 years ago
• 1401199262 / MemoryVirtualization
  ☆155Updated 2 years ago
• qq1045551070 / VtToMe
  之前学习X64VT写的代码，很多坑，但是大体的逻辑还是完整的。现发出来给更多想学VT的人参考...
  ☆67Updated 3 years ago
• ilovecsad / veh_hide_memory
  ☆68Updated 2 years ago
• huoji120 / CowInjecter
  滥用cow机制进行全局注入
  ☆89Updated 3 years ago
• Ahora57 / Roblox-Free-Exploit-Script-Executor-2023-April
  ☆93Updated this week
• armasm / dwmhook
  noob hooking dwm for overlay
  ☆71Updated 3 years ago
• TupleDev / HydraHook
  ☆60Updated this week
• cutecatsandvirtualmachines / DmaProtect
  Shows an example of how to implement VT-d/AMD-Vi on Windows
  ☆74Updated 11 months ago
• zoand / BOOM
  A Memory Read And Write the Hide Driver
  ☆63Updated 3 years ago
• huoji120 / MakeInfinityHookGreatAgain
  让Etwhook再次伟大! Make InfinityHook Great Again!
  ☆120Updated 3 years ago
• cs1ime / sehcall
  Windows X64 mode use seh in manual mapped dll or manual mapped sys
  ☆63Updated last year
• fengjixuchui / SharedMemory-By-Frankoo
  Kernel driver that uses Shared memory to communicate with UserMode
  ☆81Updated 5 years ago
• KANKOSHEV / Detect-KeAttachProcess
  Detect-KeAttachProcess by iterating through all processes as well as checking the context of the thread.
  ☆108Updated 2 years ago
• wbaby / DoubleCallBack
  ☆131Updated 2 years ago
• Rythorndoran / PageTableHook
  ☆124Updated last year
• Kwansy98 / EasyPdb
  A very simple C++ library for download pdb, get rva of function, global variable and offset from struct.
  ☆106Updated 5 months ago
• Air14 / SymbolicAccess
  Static user/kernel mode library that allows access to all functions and global variables by extracting offsets from the PDB
  ☆69Updated last year
• DragonQuestHero / WindowsSyscallsEx
  Quick check of NT kernel exported&unexported functions/global variable offset NT内核导出以及未导出函数+全局变量偏移速查
  ☆90Updated last year
• zouxianyu / PhysicalMemoryRW
  the basic version of the ring0 physical memory read/write tool
  ☆86Updated 5 years ago
• huoji120 / huoji_debuger
  ayy debuger
  ☆87Updated 6 months ago
• HOOK11 / GsDriver
  ☆62Updated this week
• DragonQuestHero / DwmDraw
  不使用3环挂钩进行DWM桌面绘制
  ☆77Updated 2 years ago
• auth12 / sysmap
  x64 manual mapper using inline syscalls
  ☆6Updated 3 years ago
• EBalloon / Rw-No-Attach
  ☆145Updated 3 months ago
• armasm / skprotect_source
  x64 free protect Features 1.process/thread handle protect 2.anti taskmgr.exe 3.hide process 4.anti-debugger(user/kernel debugger)
  ☆78Updated 5 years ago
• IcEy-999 / Kernel-Special-APC-ReadProcessMemory
  Example of reading process memory through kernel special APC
  ☆91Updated last year