Research on obfuscated licensing APIs / CLIP service in the Windows kernel
☆140Aug 23, 2022Updated 3 years ago
Alternatives and similar repositories for windows-software-policy
Users that are interested in windows-software-policy are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard☆267Aug 31, 2022Updated 3 years ago
- Reimplementation of Microsoft's Warbird obuscator☆208Jun 24, 2024Updated last year
- Integration of Microsoft Warbird with the MSVC compiler☆131Jul 16, 2023Updated 2 years ago
- Documentation of Microsoft's Warbird obfuscation☆70Aug 29, 2024Updated last year
- An example code of CiGetCertPublisherName☆16Mar 24, 2022Updated 4 years ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- Bootkit for Windows Sandbox to disable DSE/PatchGuard.☆330Oct 13, 2024Updated last year
- genpatch is IDA plugin that generates a python script for patching binary☆38Dec 21, 2023Updated 2 years ago
- Experimental disassembler for x86 binaries virtualized by VMProtect 3☆94Aug 27, 2022Updated 3 years ago
- EAPPX/EMSIX decryption and extraction☆34Jun 13, 2024Updated last year
- Hooking the GDT - Installing a Call Gate. POC for Rootkit Arsenal Book Second Edition (version 2022)☆73Aug 11, 2023Updated 2 years ago
- Enumerate user mode shared memory mappings on Windows.☆135Feb 14, 2021Updated 5 years ago
- A simple hypervisor demonstrating the use of the Intel VT-rp (redirect protection) technology.☆113Mar 28, 2024Updated 2 years ago
- Find out how to bypass HVCI (or not). My own research on Microsoft Warbird (specifically in clipsp.sys)☆94Oct 26, 2025Updated 6 months ago
- Converted phnt (Native API header files from the System Informer project) to IDA TIL, IDC (Hex-Rays).☆169Aug 23, 2024Updated last year
- Bare Metal GPUs on DigitalOcean Gradient AI • AdPurpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
- Reports and POCs for CVE 2024-43570 and CVE-2024-43535☆30Jun 7, 2025Updated 10 months ago
- An analysis of the Warbird virtual-machine protection for the CI!g_pStore☆268Feb 6, 2018Updated 8 years ago
- Recursive and arbitrary code execution at kernel-level without a system thread creation☆160Mar 16, 2026Updated last month
- An example of how to use Microsoft Windows Warbird technology☆94Apr 23, 2023Updated 3 years ago
- Demo proof of concept for shadow regions, and implementation of HyperDeceit.☆317May 31, 2023Updated 2 years ago
- Windows KASLR bypass using prefetch side-channel☆178Apr 26, 2024Updated 2 years ago
- Browse Page Tables on Windows (Page Table Viewer)☆238Apr 2, 2022Updated 4 years ago
- Demo to show how write ALPC Client & Server using native Ntdll.dll syscalls.☆21Jan 25, 2022Updated 4 years ago
- reverse engineering of the windows nt kernel debugger protocol & reimplementation.☆38Jul 2, 2024Updated last year
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- A DTrace on Windows Reimplementation☆373Apr 22, 2026Updated last week
- Finding Truth in the Shadows☆127Jan 26, 2023Updated 3 years ago
- ntoskrnl .data hooks for UM-KM communication�☆52May 26, 2024Updated last year
- Internals information about Hyper-V☆736Mar 7, 2026Updated last month
- R.I.P. 😔☆72Mar 25, 2025Updated last year
- Hex-Rays microcode plugin for automated simplification of Windows Kernel decompilation.☆662Jan 28, 2025Updated last year
- ☆33Dec 22, 2020Updated 5 years ago
- x86-64 virtualizing obfuscator written in Rust☆114Nov 16, 2023Updated 2 years ago
- Plugin for x64dbg to disable parallel loading of dependencies☆19Sep 3, 2022Updated 3 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- research revolving the windows filtering platform callout mechanism☆42May 26, 2024Updated last year
- A collection of tools, source code, and papers researching Windows' implementation of CET.☆92Oct 6, 2020Updated 5 years ago
- 将驱动映射到会话空间☆39Aug 27, 2022Updated 3 years ago
- How Meltdown and Spectre haunt Anti-Cheat: DVRT details☆21Aug 21, 2024Updated last year
- exploder☆13Sep 21, 2024Updated last year
- base for testing☆189Sep 28, 2024Updated last year
- The Windbg extensions to study Hyper-V on Intel and AMD processors.☆173Feb 10, 2026Updated 2 months ago