An example of how x64 kernel shellcode can dynamically find and use APIs
☆105May 14, 2020Updated 5 years ago
Alternatives and similar repositories for DynamicKernelShellcode
Users that are interested in DynamicKernelShellcode are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Tools made for my Hyper-V blog series @ https://foxhex0ne.blogspot.com/☆58Jun 21, 2020Updated 5 years ago
- A driver that hooks C: volume using symbolic link callback to track all FS access to the volume☆110Apr 24, 2020Updated 6 years ago
- Some garbage drivers written for getting started☆64Dec 31, 2019Updated 6 years ago
- Code Injection, Inject malicious payload via pagetables pml4.☆243Jul 7, 2021Updated 4 years ago
- Stealthy Injector that leverages a vulnerable driver and other exploits to remain undetected☆37Dec 10, 2018Updated 7 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- An example of a client and server using Windows' ALPC functions to send and receive data.☆119Jan 21, 2025Updated last year
- A driver that supports communication between a Windows guest and HyperWin☆15Jan 6, 2021Updated 5 years ago
- Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999☆242Nov 6, 2019Updated 6 years ago
- Hide codes/data in the kernel address space.☆187May 8, 2021Updated 4 years ago
- codes for my blog post: https://secrary.com/Random/InstrumentationCallback/☆184Nov 30, 2017Updated 8 years ago
- ☆12Feb 19, 2017Updated 9 years ago
- A native hypervisor designed for the Windows operating system☆125Mar 6, 2021Updated 5 years ago
- Bypassing NTFS permissions to read any files as unprivileged user.☆192Oct 21, 2020Updated 5 years ago
- hooking KiUserApcDispatcher☆27Apr 3, 2017Updated 9 years ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- Driver and WinDBG scripts to dump information about all resources and lookaside lists☆66Apr 4, 2020Updated 6 years ago
- init☆14Mar 16, 2020Updated 6 years ago
- x64 assembler library☆31Jun 7, 2024Updated last year
- a frame of amd-v svm nest☆54Apr 7, 2020Updated 6 years ago
- exploit termdd.sys(support kb4499175)☆61Jul 15, 2019Updated 6 years ago
- ☆39Oct 29, 2020Updated 5 years ago
- View handles and object for each object type☆67Sep 1, 2019Updated 6 years ago
- ShellcodeVM☆15Jun 20, 2016Updated 9 years ago
- win10 pgContext dynamic dump (btc version)☆111Jan 15, 2020Updated 6 years ago
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- Research on Windows Kernel Executive Callback Objects☆318Feb 22, 2020Updated 6 years ago
- usermode standalone kernel interface☆112Jul 9, 2018Updated 7 years ago
- ☆23May 28, 2021Updated 4 years ago
- ☆124May 23, 2020Updated 5 years ago
- VMX intrinsics plugin for Hex-Rays decompiler☆75Oct 28, 2019Updated 6 years ago
- Communication via callback☆73Oct 9, 2019Updated 6 years ago
- AllMemPro☆46Jan 15, 2018Updated 8 years ago
- c++ implementation of windows heavens gate☆71Feb 12, 2021Updated 5 years ago
- API monitoring via return-hijacking thunks; works without information about target function prototypes.☆117May 26, 2020Updated 5 years ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- Kernel Pool Monitor☆128Mar 6, 2022Updated 4 years ago
- ☆17Feb 29, 2020Updated 6 years ago
- Some source code to demonstrate avoiding certain direct syscall detections by locating and JMPing to a legitimate syscall instruction wit…☆219Feb 20, 2023Updated 3 years ago
- Windows Drivers☆100Apr 6, 2019Updated 7 years ago
- Driver Loader/BE Bypass/Win Malware(lol)☆36Jun 25, 2019Updated 6 years ago
- PoC to demonstrate how CLR ETW events can be tampered.☆192Mar 26, 2020Updated 6 years ago
- CallMon is an experimental system call monitoring tool that works on Windows 10 versions 2004+ using PsAltSystemCallHandlers☆146Sep 5, 2020Updated 5 years ago