ManulMap / malstring
Using c++23 compile-time magic to produce obfuscated PIC strings and arrays.
☆19Updated 9 months ago
Alternatives and similar repositories for malstring:
Users that are interested in malstring are comparing it to the libraries listed below
- PAGE_GUARD based hooking library☆42Updated 2 years ago
- Allows for same-file KernelMode function execution using Encrypted addresses of Functions☆31Updated 5 months ago
- Freeze target threads (external - internal ) by avoiding SuspendThread detections. Or access registers from start address.☆32Updated last year
- ntoskrnl .data hooks for UM-KM communication☆37Updated 10 months ago
- clearing traces of a loaded driver☆47Updated 2 years ago
- Kernel<->Usermode shared memory communcation using manually mapped driver☆14Updated 3 years ago
- This is an EfiGuard BootLoader that can boot EfiGuard from Usermode with no USB or Setup as a Single Executable with automatic File Dumpi…☆48Updated 6 months ago
- Hijack NotifyRoutine for a kernelmode thread☆41Updated 2 years ago
- ☆10Updated 2 years ago
- POC Hook of nt!HvcallCodeVa☆50Updated last year
- Compileable POC of namazso's x64 return address spoofer.☆51Updated 4 years ago
- ☆29Updated 6 months ago
- ZeroImport is a lightweight and easy to use C++ library for Windows Kernel Drivers. It allows you to hide any import in your kernel drive…☆48Updated 2 years ago
- Written in a couple hours, don't judge :)☆14Updated last year
- search for a driver/dll module that has a wanted section bigger than the size of your image☆20Updated 3 years ago
- POC kernel driver with hidden system thread☆14Updated 10 months ago
- UM-KM Communication using registry callbacks☆39Updated 4 years ago
- Communicate from ring-0 to ring-3 using NamedPipes.☆10Updated 2 years ago
- Bypassing kernel patch protection runtime☆20Updated 2 years ago
- This is a POC Test project for INTEL CPUs on blocking NMI Entries through the IDT Handler.☆39Updated 5 months ago
- Bypass using kernel driver (not finish).☆20Updated last year
- manual mapping injector☆28Updated 2 years ago
- A method to Disable DSE using .data ptr hooks☆29Updated last year
- Experiment with PAGE_GUARD protection to hide memory from other processes☆44Updated 9 months ago
- Library to manipulate drivers that expose a physical memory read/write primitive.☆24Updated last year
- A poc that abuses Enclave☆37Updated 2 years ago
- ☆53Updated 2 years ago
- A simple present scene, kernel allocation injector.☆24Updated 2 years ago
- partially disable patchguard up to win11 21H2☆19Updated 9 months ago
- A basic demonstration of directly overwriting paging structures for physical memory r/w and interprocess memory copy☆84Updated last year