Abusing DDMA alongside Copy On Write for Cross Process Code Execution for a 3000$ Bug Bounty
☆91Feb 1, 2026Updated last month
Alternatives and similar repositories for CopyMyWrite
Users that are interested in CopyMyWrite are comparing it to the libraries listed below
Sorting:
- Kernel Driver used in Rigel to do RPM and WPM☆25Feb 11, 2024Updated 2 years ago
- Misery Loader to bypass modern EDR solutions☆18Dec 20, 2024Updated last year
- [WIP] claude opus x86_64 disassembler/lifter/recompiler☆33Feb 12, 2026Updated last month
- Using the peculiar behaviour of the VPGATHER instructions to determine if an address will fault before it is truly accessed. All done in …☆55Dec 30, 2025Updated 2 months ago
- UEFI Bootkit Framework that attacks boot-time Code Integrity☆120Updated this week
- kASLR bypass technique on Intel CPUs.☆32May 18, 2025Updated 10 months ago
- A high-fidelity x86_64 polymorphic mutation engine focused on instruction-level fragmentation and context preservation.☆111Jan 18, 2026Updated 2 months ago
- page table manipulation to gain physical r/w☆44May 7, 2024Updated last year
- WinDbg-ext-MCP bridges your favorite LLM client (like Cursor, Claude, or VS Code) with WinDbg, enabling real-time, AI assisted kernel deb…☆83Sep 10, 2025Updated 6 months ago
- "Bypassing" HVCI via donor PFN swaps to modify read-only code pages. Call chained kernel functions (kCET and SLAT support), modify read-o…☆105Updated this week
- Windows 11 kernel research framework demonstrating DSE bypass on Windows 11 25H2 through boot-time execution. Loads unsigned drivers by s…☆95Dec 22, 2025Updated 2 months ago
- A basic implementation of Patch Guard that I implemented, that includes integrity checks and other protection mechanisms I added.☆78Mar 29, 2025Updated 11 months ago
- stack based arithmetic only virtual machine (VM) executes bytecode instructions to perform various basic arithmetic operations and manage…☆27Mar 19, 2025Updated last year
- Usermode exploit to bypass any AC using a 0day shatter attack.☆263Nov 26, 2025Updated 3 months ago
- Windows kernel ROP-only implant exposing R/W primitives☆45Feb 1, 2026Updated last month
- VFGadget locator to facilitate Counterfeit Object-Oriented Programming (COOP) and Loop-Oriented Programming (LOP) attacks to bypass advan…☆24Mar 16, 2025Updated last year
- My personal / private P2C Project undetected for 8- Months Straight leaked & resold so I am publishing it to piss them off.☆66Sep 27, 2025Updated 5 months ago
- Fix VMProtect 3.xx (tested 3.0.9 to 3.5.0)☆18Feb 1, 2022Updated 4 years ago
- Patchestry is a binary patching framework built with MLIR and Ghidra.☆81Updated this week
- KVC enables unsigned driver loading via DSE bypass (g_CiOptions patch, skci.dll hijack, SeCiCallbacks redirection) and PP/PPL manipulatio…☆181Feb 26, 2026Updated 3 weeks ago
- Usermode NT Explorer - Query kernel addresses, translate virtual to physical addresses, inspect the PFN database, and more.☆73Updated this week
- Windows x64 DLL/Driver manual map injection on a non-present PML4E using physical memory read/writes, direct page table manipulation and …☆86Sep 28, 2025Updated 5 months ago
- 🔬 IDA plugin to find patched memory☆84Mar 1, 2026Updated 2 weeks ago
- Shellcode capable of bypassing EAF / IAF mitigations☆28Apr 11, 2023Updated 2 years ago
- Ryūjin Protector - Is a Intel Arch - BIN2BIN - PE Obfuscation/Protection/DRM tool☆318Nov 20, 2025Updated 4 months ago
- x86-64 pe binary obfuscator☆27Jan 11, 2026Updated 2 months ago
- ☆13Oct 10, 2023Updated 2 years ago
- read / write memory from a proxy process by injecting shellcode☆20Dec 23, 2025Updated 2 months ago
- Leveraging TPM2 TCG Logs (Measured Boot) to Detect UEFI Drivers and Pre-Boot Applications☆22Mar 28, 2025Updated 11 months ago
- ☆56Mar 13, 2026Updated last week
- Archive R/W into any protected process by changing the value of KTHREAD->PreviousMode☆163Jul 31, 2022Updated 3 years ago
- MOUSE MOVEMENT BYPASS VALORANT VANGUARD☆24Oct 13, 2025Updated 5 months ago
- Create stealthy, inline, EPT-like hooks using SMAP and SMEP☆61Oct 19, 2024Updated last year
- A stealthy anti-fingerprinting toolkit for Windows☆103Aug 5, 2025Updated 7 months ago
- ☆113Updated this week
- Automatic vtable detection, inheritance analysis, and function override tracking for reverse engineering compiled C++ binaries. Supports …☆125Mar 13, 2026Updated last week
- Intel 64/Windows low-level experiments☆63Aug 25, 2025Updated 6 months ago
- ASM Bootkit that patches DSE at boot allowing to load unsigned drivers☆16Aug 24, 2025Updated 6 months ago
- Simple anti-instrumentation with EFLAGS.AC☆17Mar 31, 2025Updated 11 months ago