Deputation / syscall_extractor
A C++ syscall ID extractor for Windows. Developed, debugged and tested on 20H2.
☆18Updated 3 years ago
Related projects ⓘ
Alternatives and complementary repositories for syscall_extractor
- Abusing RtlAdjustPrivilege and NtSetInformationProcess to cause a BSOD from usermode☆15Updated 2 years ago
- Translates WinDbg "dt" structure dump to a C structure☆13Updated 4 years ago
- NT reversal☆26Updated 6 years ago
- x64 assembler library☆32Updated 5 months ago
- ☆15Updated 4 years ago
- Analysing and defeating PatchGuard universally☆34Updated 4 years ago
- ☆23Updated last year
- Injector with kernel power☆16Updated 3 years ago
- Logging library for kernel drivers written for the Windows NT operating system.☆18Updated 5 months ago
- Driver Loader/BE Bypass/Win Malware(lol)☆34Updated 5 years ago
- Disable threat tracing from the kernel..☆12Updated 2 years ago
- Remote memory library in C++17.☆30Updated 6 years ago
- ☆29Updated 3 years ago
- win32/x64 obfuscate framework☆32Updated 5 years ago
- Small class to parse debug info from PEs, download their respective PDBs from the Microsoft Public Symbol Server and calculate RVAs of fu…☆41Updated last year
- ☆13Updated 3 years ago
- A library for intel VT-x hypervisor functionality supporting EPT shadowing.☆48Updated 3 years ago
- What makes it page☆17Updated 2 years ago
- Some crazy PE executables protection kernel driver☆18Updated 4 years ago
- ☆29Updated last year
- A poc that abuses Enclave☆36Updated 2 years ago
- ☆18Updated 2 years ago
- Disk based DMA for ATA and SCSI☆14Updated last year
- RET / JMP RBX call spoofer☆9Updated 5 years ago
- Memory Guard Library☆11Updated 4 years ago
- A project on the Unicorn emulator to emulate the code of Pe files in windows☆19Updated 2 months ago
- ☆23Updated 5 years ago