Idov31 / NovaHypervisorLinks
NovaHypervisor is a defensive x64 Intel host based hypervisor. The goal of this project is to protect against kernel based attacks (either via Bring Your Own Vulnerable Driver (BYOVD) or other means) by safeguarding defense products (AntiVirus / Endpoint Protection) and kernel memory structures and preventing unauthorized access to kernel memory…
☆228Updated last week
Alternatives and similar repositories for NovaHypervisor
Users that are interested in NovaHypervisor are comparing it to the libraries listed below
Sorting:
- Rewrite and obfuscate code in compiled binaries☆256Updated 3 weeks ago
- bypassing intel txt's tboot integrity checks via coreboot shim☆81Updated 6 months ago
- Virtual Trust Level (VTL 1) secure call tracing☆76Updated last month
- ☆94Updated last year
- The Windbg extensions to study Hyper-V on Intel and AMD processors.☆167Updated last month
- ☆153Updated 2 months ago
- Converted phnt (Native API header files from the System Informer project) to IDA TIL, IDC (Hex-Rays).☆156Updated last year
- uefi diskless persistence technique + OVMF secureboot bypass☆93Updated last year
- Windows 11 24H2 Runtime PatchGuard Bypass☆190Updated 3 weeks ago
- Windows kernel debugger for Linux hosts running Windows under KVM/QEMU☆96Updated 4 months ago
- RISC-V Virtual Machine☆252Updated 3 months ago
- A set of LLVM and GCC based plugins that perform code obfuscation.☆130Updated last month
- ☆89Updated 7 months ago
- C++ macro for x64 programs that breaks ida hex-rays decompiler tool.☆128Updated last year
- A tool that is used to hunt vulnerabilities in x64 WDM drivers☆402Updated last week
- Modular and extensible library for Virtual Machine Introspection☆110Updated last month
- Achieve arbitrary kernel read/writes/function calling in Hypervisor-Protected Code Integrity (HVCI) protected environments calling withou…☆233Updated 11 months ago
- Admin to Kernel code execution using the KSecDD driver☆257Updated last year
- PoC Anti-Rootkit/Anti-Cheat Driver.☆221Updated 5 months ago
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard☆255Updated 3 years ago
- compile-time control flow obfuscation using mba☆194Updated 2 years ago
- A universal binary patching dll.☆95Updated 11 months ago
- Windows KASLR bypass using prefetch side-channel☆128Updated last year
- Single header version of System Informer's phnt library.☆230Updated this week
- All LLVM binaries scrambled with SigBreaker and used to test against llvm-lit☆25Updated 4 months ago
- Automated multi-engine framework for unpacking, analyzing, and devirtualizing binaries protected by commercial and custom Virtual Machine…☆236Updated last month
- Finding Truth in the Shadows☆116Updated 2 years ago
- Reverse engineering winapi function loadlibrary.☆216Updated 2 years ago
- SMM UEFI module and client for UMD privilege escalation☆60Updated 4 months ago
- msdocsviewer is a simple tool that parses Microsoft's win32 API and driver documentation to be used within IDA.☆154Updated last year