Hijacking Hyper-V at Runtime with DDMA
☆76Aug 13, 2025Updated 6 months ago
Alternatives and similar repositories for Diskjacker
Users that are interested in Diskjacker are comparing it to the libraries listed below
Sorting:
- Simple anti-instrumentation with EFLAGS.AC☆17Mar 31, 2025Updated 11 months ago
- The trashvisor☆12Oct 25, 2020Updated 5 years ago
- binary instrumentation, analysis, and patching framework☆100Feb 20, 2026Updated last week
- A simple C++ driver base with KD data block☆11Jun 25, 2022Updated 3 years ago
- ☆16May 2, 2024Updated last year
- A x86_64 software emulator☆162Aug 25, 2025Updated 6 months ago
- ☆13Jun 20, 2022Updated 3 years ago
- Proof-of-concept kernel driver that hijacks the Windows kernel extension table mechanism to preserve process notify callbacks even when a…☆93Jul 7, 2025Updated 7 months ago
- Original xbox kernel re-implementation☆45Feb 11, 2026Updated 2 weeks ago
- bypassing intel txt's tboot integrity checks via coreboot shim☆83Mar 15, 2025Updated 11 months ago
- 🤡 single header wrapper around Windows WMI for C++☆14Jan 26, 2022Updated 4 years ago
- kASLR bypass technique on Intel CPUs.☆32May 18, 2025Updated 9 months ago
- Hooking Windows' exception dispatcher to protect process's PML4☆227Jan 24, 2025Updated last year
- An advanced singular header-only C++20 obfuscation library with encryption and polymorphism.☆68Updated this week
- Expanding Kernel Lazy Importer☆33Feb 16, 2023Updated 3 years ago
- Hooking KPRCB IdlePreselect function to gain execution inside PID 0.☆73Apr 13, 2025Updated 10 months ago
- The sample DXE runtime driver demonstrating how to program DMA remapping.☆73Dec 27, 2023Updated 2 years ago
- Windows kernel driver that detects hypervisors by probing SIDT/LIDT edge cases, paging/TLB behaviors, privilege transitions, and timing e…☆36Dec 17, 2025Updated 2 months ago
- An example code of CiGetCertPublisherName☆17Mar 24, 2022Updated 3 years ago
- Helper script for Windows kernel debugging with IDA Pro on VMware + GDB stub (including PDB symbols)☆68Aug 11, 2023Updated 2 years ago
- SMM rootkit similar to LoJax or MosaicRegressor☆145Nov 1, 2023Updated 2 years ago
- Quickly find differences and similarities in disassembled code☆40Nov 21, 2024Updated last year
- reverse engineering extension plugin for windbg☆121Sep 30, 2019Updated 6 years ago
- An obfuscator bases on llvm for multiple language and platform☆19Jun 28, 2017Updated 8 years ago
- Emulation Wrapper Solution is a IDA Pro plugin that brings emulator capacities to provide features such as debugging an mocking.☆23May 25, 2023Updated 2 years ago
- Illustrates the concept of return address spoofing, and how it is used.☆14May 13, 2020Updated 5 years ago
- Deobfuscation of Semi-Linear Mixed Boolean-Arithmetic Expressions☆80Jan 24, 2026Updated last month
- Disk based DMA for ATA and SCSI☆42Sep 22, 2023Updated 2 years ago
- ☆42Jan 7, 2025Updated last year
- Retrieve pointers to undocumented kernel functions and offsets to members within undocumented structures to use in your driver by using t…☆65Jun 19, 2019Updated 6 years ago
- memory introspection and reverse engineering hypervisor powered by leveraging Hyper-V☆565Nov 15, 2025Updated 3 months ago
- A fast Windows emulator + debugger for reverse engineering. Runs any executable in debug mode, disassembles with Zydis, emulates instruct…☆176Feb 20, 2026Updated last week
- Using MMIO (Memory-Mapped I/O) to read TPM 2.0 public Endorsement Key.☆53May 29, 2024Updated last year
- Executes Read/Write process memory with `NtQueryCompositionSurfaceStatistics`☆23Feb 10, 2024Updated 2 years ago
- Emulate Drivers in RING3 with self context mapping or unicorn☆21Jan 1, 2025Updated last year
- 🪝 Various EPT hook detection approaches☆143Updated this week
- Disks for DMA☆141Apr 28, 2021Updated 4 years ago
- Collection of hypervisor detections☆296Sep 25, 2024Updated last year
- Symbolic executor for Binary Ninja's MLIL☆25Oct 3, 2024Updated last year