☆158May 21, 2024Updated last year
Alternatives and similar repositories for Rw-No-Attach
Users that are interested in Rw-No-Attach are comparing it to the libraries listed below
Sorting:
- Mapping your code on a 0x1000 size page☆71May 20, 2022Updated 3 years ago
- base for testing☆187Sep 28, 2024Updated last year
- usermode driver mapper that forcefully loads any signed kernel driver (legit cert) with a big enough section (example: .data, .rdata) to …☆473Jan 3, 2022Updated 4 years ago
- Cool kernel communication method.☆100Jun 27, 2021Updated 4 years ago
- Hijack NotifyRoutine for a kernelmode thread☆41Jun 4, 2022Updated 3 years ago
- Detect removed thread from PspCidTable.☆75Mar 18, 2022Updated 3 years ago
- UM-KM Communication using registry callbacks☆39Jun 8, 2020Updated 5 years ago
- ☆225May 10, 2022Updated 3 years ago
- A mapper that maps shellcode into loaded large page drivers☆324Apr 26, 2022Updated 3 years ago
- Hiding the window from screenshots using the function win32kfull::GreProtectSpriteContent☆630Dec 26, 2024Updated last year
- Recursive and arbitrary code execution at kernel-level without a system thread creation☆159Apr 13, 2023Updated 2 years ago
- Kernel driver that .text hooks a syscall in dxgkrnl.sys which can be called from our user-mode client to send instructions like rpm/wpm a…☆211Dec 16, 2022Updated 3 years ago
- POC Hook of nt!HvcallCodeVa☆54May 8, 2023Updated 2 years ago
- This tool will allow you to spoof the return addresses of your functions as well as system functions.☆550Nov 12, 2022Updated 3 years ago
- Allows you to communicate with the kernel mode to manipulate memory in a stealthy way to avoid kernel anticheats.☆172May 8, 2022Updated 3 years ago
- ☆42Jul 1, 2022Updated 3 years ago
- Load your driver like win32k.sys☆258Aug 20, 2022Updated 3 years ago
- Detect-KeAttachProcess by iterating through all processes as well as checking the context of the thread.☆121Feb 8, 2022Updated 4 years ago
- undetected eac mapper☆171May 3, 2022Updated 3 years ago
- Bypasses for Windows kernel callbacks PatchGuard protection☆44Aug 15, 2021Updated 4 years ago
- mouseclassservicecallback detection via hook☆52Feb 7, 2022Updated 4 years ago
- r/w virtual memory without attach☆219Oct 19, 2023Updated 2 years ago
- Manual mapper that uses PTE manipulation, Virtual Address Descriptor (VAD) manipulation, and forceful memory allocation to hide executabl…☆387Jan 29, 2022Updated 4 years ago
- ☆193May 1, 2023Updated 2 years ago
- ☆192Dec 8, 2021Updated 4 years ago
- ☆145Dec 10, 2022Updated 3 years ago
- Stealthy UM <-> KM communication system without creating any system threads, permanent hooks, driver objects, section objects or device o…☆379Mar 15, 2024Updated last year
- Bypassing EasyAntiCheat.sys self-integrity by abusing call hierarchy☆83Oct 6, 2022Updated 3 years ago
- Old way for blocking NMI interrupts☆29Sep 6, 2022Updated 3 years ago
- kernel anticheat to test your driver against☆182Jun 16, 2025Updated 8 months ago
- Archive R/W into any protected process by changing the value of KTHREAD->PreviousMode☆163Jul 31, 2022Updated 3 years ago
- Kernel DLL Injector using NX Bit Swapping and VAD hide for hiding injected DLL☆219Nov 12, 2020Updated 5 years ago
- A basic demonstration of directly overwriting paging structures for physical memory r/w and interprocess memory copy☆103Jun 26, 2023Updated 2 years ago
- ☆63Jul 31, 2022Updated 3 years ago
- 从MmPfnData中枚举进程和页目录基址☆207Aug 18, 2023Updated 2 years ago
- 内核级别隐藏指定窗口☆320Feb 9, 2022Updated 4 years ago
- ☆73Aug 31, 2022Updated 3 years ago
- This is a simple project of a driver + usermode.☆169Jan 31, 2022Updated 4 years ago
- csgo external running from kernelmode☆106Nov 29, 2022Updated 3 years ago