Simple DLL and client app that work together to hook all the functions in WinHvPlatform.dll in order to provide logging and introspection at the hypervisor level
☆21Dec 1, 2021Updated 4 years ago
Alternatives and similar repositories for WHPHook
Users that are interested in WHPHook are comparing it to the libraries listed below
Sorting:
- ☆21Jun 3, 2021Updated 4 years ago
- Headers for linking your software with ntdll.dll☆15Nov 4, 2020Updated 5 years ago
- ☆14Mar 26, 2018Updated 7 years ago
- Simple Demo of using Windows Hypervisor Platform☆29Jul 14, 2025Updated 8 months ago
- pdb's function and global vars to offset☆10Apr 11, 2023Updated 2 years ago
- Detect VM and Hypervisor☆10Jun 16, 2021Updated 4 years ago
- https://key08.com/index.php/2021/10/19/1375.html☆71May 11, 2022Updated 3 years ago
- Intel learning hypervisor and some extend function☆23Aug 23, 2025Updated 6 months ago
- Win32 PE Anti-RE and Anti-debugging Framework☆13May 14, 2019Updated 6 years ago
- this application shows EAC sdk's memory leak.☆10Nov 30, 2021Updated 4 years ago
- A simple command line utility to quickly load and unload Windows drivers☆18Jul 2, 2022Updated 3 years ago
- Disable threat tracing from the kernel..☆14Apr 8, 2022Updated 3 years ago
- hooks gServerHandlers xxxEventWndProc☆13May 1, 2022Updated 3 years ago
- ☆37Dec 27, 2021Updated 4 years ago
- pepex hack☆10Oct 22, 2021Updated 4 years ago
- ☆15Mar 28, 2015Updated 10 years ago
- Walks the Process' VAD list to grab the PTE's corresponding to a usermode virtual address, all to get the physical address☆23Nov 22, 2021Updated 4 years ago
- detect hypervisor with Nmi Callback☆42Sep 25, 2022Updated 3 years ago
- funky fun fuzzer☆11Jul 6, 2021Updated 4 years ago
- win32/x64 obfuscate framework☆33Apr 16, 2019Updated 6 years ago
- Shareds for kernel developement☆29Dec 23, 2013Updated 12 years ago
- ☆20Mar 13, 2018Updated 8 years ago
- ☆23May 8, 2023Updated 2 years ago
- Custom KiSystemStartup, can be used to modificate kernel before boot.☆53Apr 7, 2022Updated 3 years ago
- x64 PE-COFF virtualization driven obfuscation engine☆58Oct 14, 2022Updated 3 years ago
- This is the client side library to access JTAG Server distributed with Quartus (jtagd/jtagserver.exe). The protocol is known as Advanced …☆20Aug 18, 2025Updated 7 months ago
- based on https://github.com/secrary/Hooking-via-InstrumentationCallback☆73Oct 29, 2019Updated 6 years ago
- Rust program for interfacing with the gigabyte driver to gain access to powerful primitives such as arbitrary kernel memcpy.☆17Nov 26, 2022Updated 3 years ago
- Vulnerability research on the CA UIM Nimbus protocol☆15Sep 28, 2020Updated 5 years ago
- The modifyed cjson that can running on windows kernel☆15Mar 21, 2023Updated 3 years ago
- ☆22Jan 15, 2025Updated last year
- C++ Program used to dump Themida and VMProtect.☆34Dec 13, 2023Updated 2 years ago
- Decrypts multiple BattlEye packets from BEService<>BEDaisy (including those with multiple encryption layers) out to a console.☆28Apr 14, 2022Updated 3 years ago
- Open-source EDR kernel-component for system monitoring and DLL injection☆33Nov 14, 2020Updated 5 years ago
- eac memory sig maker☆14Jun 10, 2021Updated 4 years ago
- ☆13Aug 24, 2022Updated 3 years ago
- LZVN compression/decompression tool☆18Feb 9, 2021Updated 5 years ago
- Basic experimentation with Windows drivers.☆17Mar 3, 2023Updated 3 years ago
- IDA plugin that resolves PPL calls to the actual underlying PPL function.☆56Feb 28, 2023Updated 3 years ago