POPFD / HypervisorBaseLinks
A library for intel VT-x hypervisor functionality supporting EPT shadowing.
☆50Updated 4 years ago
Alternatives and similar repositories for HypervisorBase
Users that are interested in HypervisorBase are comparing it to the libraries listed below
Sorting:
- detect hypervisor with Nmi Callback☆34Updated 2 years ago
- A poc that abuses Enclave☆38Updated 2 years ago
- Hijack NotifyRoutine for a kernelmode thread☆42Updated 2 years ago
- windows kernel pagehook☆39Updated 2 years ago
- Example of hijacking system calls via function pointer tables☆31Updated 3 years ago
- Stealthy Injector that leverages a vulnerable driver and other exploits to remain undetected☆36Updated 6 years ago
- x64 assembler library☆31Updated 11 months ago
- Create stealthy, inline, EPT-like hooks using SMAP and SMEP☆37Updated 7 months ago
- Type 2 Hypervisor for security research supported by AMD-V hardware assisted virtualization☆38Updated 2 years ago
- vdk is a set of utilities used to help with exploitation of a vulnerable driver.☆40Updated 3 years ago
- IA32-doc is a project which aims to put as many definitions from the Intel Manual into machine-processable format as possible☆16Updated 3 years ago
- ☆15Updated 2 years ago
- comparing data of module exports from disk and memory, then caching any differences.☆22Updated 3 years ago
- ☆30Updated 2 years ago
- Intraceptor intercept Windows NT API calls and redirect them to a kernel driver to bypass process/threads handle protections.☆29Updated 3 years ago
- POC Hook of nt!HvcallCodeVa☆52Updated 2 years ago
- Provides commands to read from and write to arbitrary kernel-mode memory for users with the Administrator privilege. HVCI compatible. No …☆18Updated 11 months ago
- ☆68Updated 4 years ago
- NT reversal☆25Updated 6 years ago
- ☆70Updated 2 years ago
- A demonstration of hooking into the VMProtect-2 virtual machine☆19Updated last year
- ☆24Updated last year
- Binary DisASseMbler☆23Updated 2 years ago
- Visual Studio Project example for using Microsoft's STL in WDM (Windows Kernel-mode Driver)☆25Updated 3 years ago
- IDA scripts for hypervisor (Hyper-v) analysis and reverse engineering automation☆24Updated 3 years ago
- ☆21Updated 4 years ago
- A minimalistic way to spoof return addresses without using exceptions☆14Updated 2 years ago
- Kernel ReClassEx☆62Updated last year
- A basic 100 loc CPU emulator using the existing code of ntoskrnl.exe☆70Updated last year
- Helper script for Windows kernel debugging with IDA Pro on VMware + GDB stub (including PDB symbols)☆65Updated last year