Idov31 / NovaHypervisorLinks
NovaHypervisor is a defensive x64 Intel host based hypervisor. The goal of this project is to protect against kernel based attacks (either via Bring Your Own Vulnerable Driver (BYOVD) or other means) by safeguarding defense products (AntiVirus / Endpoint Protection) and kernel memory structures and preventing unauthorized access to kernel memory…
☆228Updated 2 weeks ago
Alternatives and similar repositories for NovaHypervisor
Users that are interested in NovaHypervisor are comparing it to the libraries listed below
Sorting:
- Rewrite and obfuscate code in compiled binaries☆259Updated last week
- Virtual Trust Level (VTL 1) secure call tracing☆80Updated last month
- bypassing intel txt's tboot integrity checks via coreboot shim☆83Updated 7 months ago
- ☆95Updated last year
- The Windbg extensions to study Hyper-V on Intel and AMD processors.☆167Updated last month
- ☆154Updated 2 months ago
- RISC-V Virtual Machine☆253Updated 4 months ago
- Windows 11 24H2-25H2 Runtime PatchGuard Bypass☆203Updated last week
- Converted phnt (Native API header files from the System Informer project) to IDA TIL, IDC (Hex-Rays).☆156Updated last year
- uefi diskless persistence technique + OVMF secureboot bypass☆94Updated last year
- C++ macro for x64 programs that breaks ida hex-rays decompiler tool.☆128Updated last year
- Single header version of System Informer's phnt library.☆230Updated this week
- A set of LLVM and GCC based plugins that perform code obfuscation.☆132Updated this week
- ☆90Updated 8 months ago
- Modular and extensible library for Virtual Machine Introspection☆111Updated 2 months ago
- A tool that is used to hunt vulnerabilities in x64 WDM drivers☆403Updated 2 weeks ago
- Windows kernel debugger for Linux hosts running Windows under KVM/QEMU☆96Updated 5 months ago
- Achieve arbitrary kernel read/writes/function calling in Hypervisor-Protected Code Integrity (HVCI) protected environments calling withou…☆236Updated last year
- Find out how to bypass HVCI (or not). My own research on Microsoft Warbird (specifically in clipsp.sys)☆68Updated last week
- Admin to Kernel code execution using the KSecDD driver☆258Updated last year
- Automated multi-engine framework for unpacking, analyzing, and devirtualizing binaries protected by commercial and custom Virtual Machine…☆251Updated 2 weeks ago
- Hells Hollow Windows 11 Rootkit technique to Hook the SSDT via Alt Syscalls☆188Updated last month
- Contains all the applications developed for the Second part of the 7th Edition of Windows Internals book☆113Updated last year
- Simple, fast and lightweight Header-Only C++ Assembler Library☆128Updated 2 months ago
- PoC Anti-Rootkit/Anti-Cheat Driver.☆223Updated 6 months ago
- An x86-64 code virtualizer for VM based obfuscation☆139Updated 10 months ago
- SMM UEFI module and client for UMD privilege escalation☆60Updated 4 months ago
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard☆256Updated 3 years ago
- Windows KASLR bypass using prefetch side-channel☆131Updated last year
- A universal binary patching dll.☆95Updated last year