A C++ syscall ID extractor for Windows. Developed, debugged and tested on 20H2.
☆21May 25, 2021Updated 4 years ago
Alternatives and similar repositories for syscall_extractor
Users that are interested in syscall_extractor are comparing it to the libraries listed below
Sorting:
- a simple intel vt code both support x86 & x64. PatchGuard monitor.☆77Oct 28, 2021Updated 4 years ago
- Source code on the 1.44MB 3.5 floppy accompanying the Windows NT File System Internals book.☆20Jul 31, 2019Updated 6 years ago
- Kernel-based memory hacking framework communicating with a kernel driver via sockets.☆97May 25, 2021Updated 4 years ago
- Walks the Process' VAD list to grab the PTE's corresponding to a usermode virtual address, all to get the physical address☆23Nov 22, 2021Updated 4 years ago
- A kernel mode Windows rootkit in development.☆49Dec 31, 2021Updated 4 years ago
- A proof of concept demonstrating instrumentation callbacks on Windows 10 21h1 with a TLS variable to ensure all syscalls are caught.☆157Nov 14, 2021Updated 4 years ago
- An x64 page table iterator written in C++ as a kernel mode windows driver.☆119May 25, 2021Updated 4 years ago
- ☆15Mar 13, 2023Updated 3 years ago
- Simple Demo of using Windows Hypervisor Platform☆29Jul 14, 2025Updated 8 months ago
- A library for intel VT-x hypervisor functionality supporting EPT shadowing.☆51Mar 11, 2021Updated 5 years ago
- Experiment to use sections as User/Kernelmode comm vector☆22Apr 7, 2023Updated 2 years ago
- VT Hook☆51Jul 2, 2024Updated last year
- Handling C++ & __try exceptions without the need of built-in handlers.☆77Aug 28, 2021Updated 4 years ago
- An example code of CiGetCertPublisherName☆16Mar 24, 2022Updated 3 years ago
- Bypassing kernel patch protection runtime☆22Feb 19, 2023Updated 3 years ago
- ☆17Oct 31, 2022Updated 3 years ago
- ☆14Nov 29, 2021Updated 4 years ago
- ☆18Mar 28, 2023Updated 2 years ago
- Disable NMI Callbacks with Kernelmode Driver☆18Mar 15, 2023Updated 3 years ago
- Hooking Heavens Gate in a weekend☆13Jan 1, 2022Updated 4 years ago
- Dangling COM Keys Finder☆17Nov 16, 2021Updated 4 years ago
- Analysing and defeating PatchGuard universally☆36Nov 4, 2020Updated 5 years ago
- An advanced DKOM for drivers with "DRIVER_OBJECT"☆22Feb 19, 2023Updated 3 years ago
- Hygieia, a vulnerable driver traces scanner written in C++ as an x64 Windows kernel driver.☆151Feb 12, 2022Updated 4 years ago
- ☆23May 8, 2023Updated 2 years ago
- clearing traces of a loaded driver☆47Jul 2, 2022Updated 3 years ago
- POC Hook of nt!HvcallCodeVa☆54May 8, 2023Updated 2 years ago
- Not mine. Only for saving☆26Jun 28, 2022Updated 3 years ago
- mouseclassservicecallback detection via hook☆52Feb 7, 2022Updated 4 years ago
- collection of code snippets,windbg,python scripts and resources☆13Jul 11, 2022Updated 3 years ago
- Dumps information about all the callback objects found in a dump file and the functions registered for them☆38Oct 21, 2020Updated 5 years ago
- Anti-Rootkit Tool for Windows☆12Mar 24, 2025Updated 11 months ago
- Windows system spy for Mouse, Keyboard and Gamepad(Joystick).☆15Jul 6, 2022Updated 3 years ago
- microVM☆52Aug 25, 2015Updated 10 years ago
- ☆43Apr 18, 2023Updated 2 years ago
- This is the P.O.C source for hooking the system calls on Windows 10 (1903) using it's dynamic trace feature weakness☆58Sep 12, 2019Updated 6 years ago
- The trashvisor☆12Oct 25, 2020Updated 5 years ago
- ☆73Aug 31, 2022Updated 3 years ago
- Intel Virtualization Technology demo☆72Oct 15, 2016Updated 9 years ago