KiFilterFiberContext / windows-software-policyLinks
Research on obfuscated licensing APIs / CLIP service in the Windows kernel
☆118Updated 2 years ago
Alternatives and similar repositories for windows-software-policy
Users that are interested in windows-software-policy are comparing it to the libraries listed below
Sorting:
- Reimplementation of Microsoft's Warbird obuscator☆133Updated last year
- Integration of Microsoft Warbird with the MSVC compiler☆109Updated 2 years ago
- Documentation of Microsoft's Warbird obfuscation☆52Updated 11 months ago
- A Binary Ninja plugin to detect Themida, WinLicense and Code Virtualizer's obfuscated code locations.☆82Updated last year
- The Windbg extensions to study Hyper-V on Intel and AMD processors.☆154Updated 4 months ago
- Converted phnt (Native API header files from the System Informer project) to IDA TIL, IDC (Hex-Rays).☆146Updated 11 months ago
- Take back control of Windows Code Integrity, no exploits or patching required! Requires that you control your own Platform Key (PK).☆49Updated 2 years ago
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard☆251Updated 2 years ago
- bypassing intel txt's tboot integrity checks via coreboot shim☆77Updated 4 months ago
- Contains all the applications developed for the Second part of the 7th Edition of Windows Internals book☆112Updated last year
- Simple, fast and lightweight Header-Only C++ Assembler Library☆89Updated last month
- Windows kernel debugger for Linux hosts running Windows under KVM/QEMU☆91Updated 2 months ago
- A x86_64 software emulator☆135Updated this week
- uefi diskless persistence technique + OVMF secureboot bypass☆86Updated last year
- WinLicense key extraction via Intel PIN☆102Updated last year
- ☆71Updated 2 years ago
- Proof-of-concept game using VBS enclaves to protect itself from cheating☆43Updated 8 months ago
- Bootkit for Windows Sandbox to disable DSE/PatchGuard.☆297Updated 9 months ago
- NovaHypervisor is a defensive x64 Intel host based hypervisor. The goal of this project is to protect against kernel based attacks (eithe…☆197Updated 3 weeks ago
- Different tools for Microsoft Hyper-V researching☆58Updated 2 weeks ago
- msdocsviewer is a simple tool that parses Microsoft's win32 API and driver documentation to be used within IDA.☆152Updated last year
- Advanced driver monitoring utility.☆215Updated 3 years ago
- Documenting system information classes and their uses☆54Updated 3 years ago
- Research-focused hypervisor offering advanced tools for debugging, virtual machine introspection, and automation.☆37Updated last month
- A thin introspection hypervisor framework that allows for low level resource manipulation.☆13Updated last year
- An x64dbg plugin which marks XFG call signatures as data☆77Updated 2 years ago
- x86-64 user mode emulation using Zydis☆48Updated 6 months ago
- Demystifying PatchGuard is a comprehensive analysis of Microsoft's security feature called PatchGuard, which is designed to prevent unaut…☆127Updated 2 years ago
- ☆91Updated last year
- SMM driver/rootkit for platform memory access with R3 <-> R0 <-> R-2 communication.☆90Updated 9 months ago