Midi12 / whseLinks
WinHvShellcodeEmulator (WHSE) is a shellcode emulator leveraging the Windows Hypervisor Platform API
☆23Updated 3 years ago
Alternatives and similar repositories for whse
Users that are interested in whse are comparing it to the libraries listed below
Sorting:
- ☆26Updated last year
- ☆15Updated 2 years ago
- Experiment to use sections as User/Kernelmode comm vector☆22Updated 2 years ago
- ☆23Updated 2 years ago
- ☆25Updated 4 years ago
- Load Dll into Kernel space☆38Updated 3 years ago
- research revolving the windows filtering platform callout mechanism☆33Updated last year
- Walks the Process' VAD list to grab the PTE's corresponding to a usermode virtual address, all to get the physical address☆23Updated 3 years ago
- windows kernel pagehook☆40Updated 2 years ago
- Helper script for Windows kernel debugging with IDA Pro on native Bochs debugger (including PDB symbols)☆62Updated 2 years ago
- Windows driver template, using C++20 & cmake & GithubActions☆22Updated last year
- Sample/PoC Windows kernel driver for detect DMA devices by using Vendor ID and Device ID signatures☆34Updated last year
- Elevate arbitrary MSR writes to kernel execution.☆38Updated 2 years ago
- Bypassing kernel patch protection runtime☆20Updated 2 years ago
- Portable & Custmizable Windows Defender☆12Updated 3 years ago
- A VMBR (Virtual-Machine Based Rootkit) which runs a guest OS and sends the attacker its data☆28Updated last year
- Demonstrate calling a kernel function and handle process creation callback against HVCI☆74Updated 2 years ago
- A demonstration of hooking into the VMProtect-2 virtual machine☆22Updated last year
- An example of how to use Microsoft Windows Warbird technology☆28Updated 2 years ago
- Executes Read/Write process memory with `NtQueryCompositionSurfaceStatistics`☆18Updated last year
- ☆16Updated 2 years ago
- ☆59Updated 3 years ago
- Application Verifier Dynamic Fault Injection☆39Updated last month
- Windows Research Kernel☆34Updated 2 weeks ago
- Shh0ya Kernel Hook Driver☆24Updated 4 years ago
- Helper script for Windows kernel debugging with IDA Pro on VMware + GDB stub (including PDB symbols)☆65Updated 2 years ago
- ☆23Updated 2 years ago
- ☆27Updated 2 years ago
- A poc that abuses Enclave☆39Updated 3 years ago
- vdk is a set of utilities used to help with exploitation of a vulnerable driver.☆42Updated 3 years ago