Oliver-1-1 / EtwKeyboardDetectionView external linksLinks
☆37Sep 26, 2024Updated last year
Alternatives and similar repositories for EtwKeyboardDetection
Users that are interested in EtwKeyboardDetection are comparing it to the libraries listed below
Sorting:
- ☆18Feb 5, 2025Updated last year
- ☆47Jul 7, 2024Updated last year
- ☆34Mar 3, 2024Updated last year
- partially disable patchguard up to win11 21H2☆19Jun 3, 2024Updated last year
- ☆16Aug 28, 2024Updated last year
- read / write memory from a proxy process by injecting shellcode☆20Dec 23, 2025Updated last month
- ☆83Apr 23, 2024Updated last year
- 巨硬☆17Oct 4, 2023Updated 2 years ago
- Unknowncheats Magically Optimized Tidy Mapper using nvaudio☆150Jun 11, 2024Updated last year
- Browse Page Tables on Windows (Page Table Viewer)☆234Apr 2, 2022Updated 3 years ago
- ☆37May 21, 2022Updated 3 years ago
- detect hypervisor with Nmi Callback☆42Sep 25, 2022Updated 3 years ago
- ☆23Oct 28, 2020Updated 5 years ago
- Create stealthy, inline, EPT-like hooks using SMAP and SMEP☆60Oct 19, 2024Updated last year
- ☆264Sep 2, 2025Updated 5 months ago
- intel vt-x type 2 hypervisor☆61Apr 13, 2025Updated 10 months ago
- How to use PiDqSerializationWrite. Introduces how to safely read and write from mapped driver☆26May 29, 2023Updated 2 years ago
- 将驱动映射到会话空间☆38Aug 27, 2022Updated 3 years ago
- it's a driver injector or driver loader header lib(Windows)☆12Aug 5, 2023Updated 2 years ago
- A native Windows library for intercepting kernel-to-user transitions using instrumentation callbacks☆28Feb 3, 2024Updated 2 years ago
- Translate virtual addresses to physical addresses from usermode.☆101Jun 7, 2024Updated last year
- Old way for blocking NMI interrupts☆29Sep 6, 2022Updated 3 years ago
- 对debughelp的二次开发☆11Feb 20, 2023Updated 2 years ago
- ☆10Feb 1, 2022Updated 4 years ago
- 可在非测试模式下符号化读取内核内存。Kernel memory can be read symbolically in non test mode。☆109Sep 1, 2022Updated 3 years ago
- Windows PDB parser for kernel-mode environment.☆104Jun 7, 2025Updated 8 months ago
- Example of reading process memory through kernel special APC☆110Apr 21, 2023Updated 2 years ago
- ☆355May 11, 2025Updated 9 months ago
- base for testing☆186Sep 28, 2024Updated last year
- Minimalistic HTTP(S) client for the NT kernel☆61Dec 1, 2025Updated 2 months ago
- Hooking Windows' exception dispatcher to protect process's PML4☆225Jan 24, 2025Updated last year
- Standard Kernel Library for Windows manipulation in C++☆199Jun 18, 2025Updated 7 months ago
- undetected eac mapper☆169May 3, 2022Updated 3 years ago
- Disable NMI Callbacks with Kernelmode Driver☆18Mar 15, 2023Updated 2 years ago
- Looks for a vulnerable entry point to bypass BE Anti Cheat or other in Ring3☆18Feb 25, 2023Updated 2 years ago
- windows kernel pagehook☆41Oct 30, 2022Updated 3 years ago
- nmi stackwalking + module verification☆157Dec 28, 2023Updated 2 years ago
- Hook NtDeviceIoControlFile with PatchGuard☆107May 10, 2022Updated 3 years ago
- POC kernel driver with hidden system thread☆13May 14, 2024Updated last year