.data ptr swapper for newer win32k versions. (Supports Windows 11)
☆37Jan 19, 2026Updated 4 months ago
Alternatives and similar repositories for Win32kHooker
Users that are interested in Win32kHooker are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- "Bypassing" HVCI via donor PFN swaps to modify read-only code pages. Call chained kernel functions (kCET and SLAT support), and more.☆127Mar 16, 2026Updated 3 months ago
- Using the peculiar behaviour of the VPGATHER instructions to determine if an address will fault before it is truly accessed. All done in …☆57Dec 30, 2025Updated 5 months ago
- Create stealthy, inline, EPT-like hooks using SMAP and SMEP☆64Oct 19, 2024Updated last year
- reverse engineering of the windows nt kernel debugger protocol & reimplementation.☆38Jul 2, 2024Updated last year
- A Windows Kernel Driver Emulator base on Unicorn, Kernel Memory Dump and some of native environment☆181Jan 15, 2026Updated 5 months ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- Beacon Debugger☆56Oct 28, 2024Updated last year
- Minimalistic HTTP(S) client for the NT kernel☆61Dec 1, 2025Updated 6 months ago
- An IDA Hex-Rays microcode filter that lifts AVX/AVX2/AVX-512/AVX10 and VMX/VT-x instructions to intrinsics.☆79Jun 2, 2026Updated 2 weeks ago
- A lightweight test harness designed to speed up shellcode development by providing an execution environment with integrated crash diagnos…☆45Jan 15, 2026Updated 5 months ago
- ☆19Updated this week
- ☆18Dec 3, 2025Updated 6 months ago
- A simple POC to show how to chain multiple callbacks via tail calls to artificially construct a call stack☆106May 25, 2026Updated 3 weeks ago
- Windows kernel driver that detects hypervisors by probing SIDT/LIDT edge cases, paging/TLB behaviors, privilege transitions, and timing e…☆47Mar 3, 2026Updated 3 months ago
- A basic implementation of Patch Guard that I implemented, that includes integrity checks and other protection mechanisms I added.☆78Mar 29, 2025Updated last year
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- A Kernel driver for using against anti cheats like EAC or BE☆15Aug 10, 2021Updated 4 years ago
- Use XIGNCODE3 driver to cheat☆81May 1, 2026Updated last month
- Rendering on external windows via hijacking thread contexts, with notes on ValidateHwnd☆14Jul 9, 2020Updated 5 years ago
- Reversing EasyAntiCheat 😎☆15Jun 6, 2026Updated last week
- BAADTokenBroker is a post-exploitation tool designed to interact with Microsoft Entra ID device-bound keys.☆83Apr 11, 2026Updated 2 months ago
- Proof-of-concept code for understanding the allow-jit entitlement on macOS☆33Feb 19, 2026Updated 3 months ago
- ☆15Sep 2, 2024Updated last year
- IDA plugin to deobfuscate emotet CFF☆18Apr 26, 2022Updated 4 years ago
- Port of the EDRSilencer tool (https://github.com/netero1010/EDRSilencer) to BOF format☆35Oct 22, 2024Updated last year
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Notion C2 Profile for Mythic☆47Apr 30, 2026Updated last month
- Fixes the "Device\Nal is already in use" error on kdmapper.☆20Jan 9, 2023Updated 3 years ago
- This is similar to GdrvLoader but it works on EAC (& BE but same for GdrvLoader) with included gdrv.sys (cert)☆34Apr 23, 2026Updated last month
- Translate virtual addresses to physical addresses from usermode.☆133Jun 7, 2024Updated 2 years ago
- public index of IDA Pro plugins☆38Updated this week
- Optimized zlib inflate (+gzip) library for embedded☆42Jul 15, 2024Updated last year
- Proof of concepts demonstrating some aspects of the Windows kernel shadow stack mitigation.☆56Jun 2, 2025Updated last year
- An advanced library for protecting/obfuscating kernel drivers using the C++ 17 standard.☆41May 7, 2026Updated last month
- A headless MCP server for IDA Pro and Ghidra☆105Jun 4, 2026Updated 2 weeks ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Kernel Driver which can be used to read guarded regions, read/write/ protect/ or allocate memory in desired process!☆19Jan 8, 2026Updated 5 months ago
- TLS fingerprint emulation upstream proxy replay any ClientHello☆50Apr 6, 2026Updated 2 months ago
- A biomechanically-grounded mouse movement algorithm that outperforms WindMouse across every metric that matters for human-like trajectory…☆43Mar 7, 2026Updated 3 months ago
- Opengraph-Compatible JSON Generator for BloodHound☆29Mar 30, 2026Updated 2 months ago
- Patches DSE by swapping both data ptrs located in SeValidateImageHeader && SeValidateImageData☆25Feb 9, 2024Updated 2 years ago
- cr3 shuffle driver☆89Mar 24, 2024Updated 2 years ago
- Windows kernel driver demonstrating kernel-to-usermode communication via shared memory sections☆107Apr 24, 2026Updated last month