Using the peculiar behaviour of the VPGATHER instructions to determine if an address will fault before it is truly accessed. All done in user-mode.
☆55Dec 30, 2025Updated 2 months ago
Alternatives and similar repositories for VPGATHER
Users that are interested in VPGATHER are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Create stealthy, inline, EPT-like hooks using SMAP and SMEP☆61Oct 19, 2024Updated last year
- A simple C++ driver base with KD data block☆11Jun 25, 2022Updated 3 years ago
- [WIP] claude opus x86_64 disassembler/lifter/recompiler☆33Feb 12, 2026Updated last month
- A beautiful, idiomatic and less frustrating IDA C++ SDK.☆110Mar 1, 2026Updated 3 weeks ago
- Zyrox: LLVM based, compile-time obfuscator plugin.☆91Feb 21, 2026Updated last month
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- mash hypervisor host pml4☆17Jun 22, 2022Updated 3 years ago
- An example code of CiGetCertPublisherName☆16Mar 24, 2022Updated 4 years ago
- Resolve offsets, gadgets and symbols from NTKernel☆58Jan 15, 2026Updated 2 months ago
- An advanced singular header-only C++20 obfuscation library with encryption and polymorphism.☆86Mar 14, 2026Updated last week
- Simple anti-instrumentation with EFLAGS.AC☆17Mar 31, 2025Updated 11 months ago
- Binary lifter and deobfuscator using remill for x86_64 Windows binaries☆73Mar 10, 2026Updated 2 weeks ago
- .data ptr swapper for newer win32k versions. (Supports Windows 11)☆38Jan 19, 2026Updated 2 months ago
- A high-fidelity x86_64 polymorphic mutation engine focused on instruction-level fragmentation and context preservation.☆111Jan 18, 2026Updated 2 months ago
- Windows 11 kernel research framework demonstrating DSE bypass on Windows 11 25H2 through boot-time execution. Loads unsigned drivers by s…☆97Dec 22, 2025Updated 3 months ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- Have you ever wondered: what if IDA had great Ctrl+F search support for Pseudocode windows? No longer!☆79Mar 7, 2026Updated 2 weeks ago
- ☆61Oct 24, 2025Updated 5 months ago
- A minimalistic way to spoof return addresses without using exceptions☆18Jul 26, 2022Updated 3 years ago
- An x86-64 code virtualizer for VM based obfuscation☆182Dec 21, 2024Updated last year
- VT Hook☆52Jul 2, 2024Updated last year
- Visual Studio Project example for using Microsoft's STL in WDM (Windows Kernel-mode Driver)☆25Jun 22, 2021Updated 4 years ago
- C++ Alt syscall hook in 25h2 can be load by KDU☆26Feb 18, 2026Updated last month
- Windows kernel driver that detects hypervisors by probing SIDT/LIDT edge cases, paging/TLB behaviors, privilege transitions, and timing e…☆41Mar 3, 2026Updated 3 weeks ago
- ☆65Feb 15, 2026Updated last month
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- ☆24Jul 15, 2023Updated 2 years ago
- Ryūjin Protector - Is a Intel Arch - BIN2BIN - PE Obfuscation/Protection/DRM tool☆322Nov 20, 2025Updated 4 months ago
- 🔬 IDA plugin to find patched memory☆85Mar 1, 2026Updated 3 weeks ago
- LLVM obfuscation pass, flattening at the basic block's level and turning each basic block into a dispacher and each instruction into a ne…☆49Aug 23, 2021Updated 4 years ago
- Small driver that uses alternative syscalls feature☆18May 9, 2024Updated last year
- Helper script for Windows kernel debugging with IDA Pro on VMware + GDB stub (including PDB symbols)☆68Aug 11, 2023Updated 2 years ago
- DSE & PG bypass via BYOVD attack☆80Jul 12, 2025Updated 8 months ago
- Registers Vectored Exception Handlers by directly manipulating internal LdrpVectorHandlerList structure instead of calling RtlAddVectored…☆36Jan 18, 2026Updated 2 months ago
- Old way for blocking NMI interrupts☆29Sep 6, 2022Updated 3 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- chernobog is a Hex-Rays decompiler plugin that defeats Hikari LLVM obfuscation.☆179Updated this week
- x64 PE-COFF virtualization driven obfuscation engine☆58Oct 14, 2022Updated 3 years ago
- Windows x64 DLL/Driver manual map injection on a non-present PML4E using physical memory read/writes, direct page table manipulation and …☆86Sep 28, 2025Updated 5 months ago
- Hooking the GDT - Installing a Call Gate. POC for Rootkit Arsenal Book Second Edition (version 2022)☆73Aug 11, 2023Updated 2 years ago
- Former UEFI Firmware Rootkit Replicating MoonBounce / ESPECTRE☆11Jun 14, 2022Updated 3 years ago
- An example of how to use Microsoft Windows Warbird technology☆97Apr 23, 2023Updated 2 years ago
- Research-focused hypervisor offering advanced tools for debugging, virtual machine introspection, and automation.☆44Nov 21, 2025Updated 4 months ago