Rat431 / ColdKernel_KUSERLinks
A simple kernel mode driver that hooks some values at the KUSER_SHARED_DATA structure.
☆26Updated 5 years ago
Alternatives and similar repositories for ColdKernel_KUSER
Users that are interested in ColdKernel_KUSER are comparing it to the libraries listed below
Sorting:
- (DEPRECATED) A simple anti-anti debug library for Windows☆29Updated 4 years ago
- ☆17Updated 4 years ago
- Analysing and defeating PatchGuard universally☆35Updated 4 years ago
- Example of hijacking system calls via function pointer tables☆31Updated 3 years ago
- ice9 - is anticheat based on usermode tricks and undocumented methods , builded as dll for loading trought the shibari framework☆21Updated 4 months ago
- Remote memory library in C++17.☆31Updated 7 years ago
- Intraceptor intercept Windows NT API calls and redirect them to a kernel driver to bypass process/threads handle protections.☆29Updated 3 years ago
- Disable threat tracing from the kernel..☆13Updated 3 years ago
- Small class to parse debug info from PEs, download their respective PDBs from the Microsoft Public Symbol Server and calculate RVAs of fu…☆44Updated 2 years ago
- NT reversal☆25Updated 6 years ago
- A simple open source module injector library x86/x64 for Windows☆21Updated 5 years ago
- detect hypervisor with Nmi Callback☆34Updated 2 years ago
- Stealthy Injector that leverages a vulnerable driver and other exploits to remain undetected☆36Updated 6 years ago
- driver interface with dll-injection capabilities☆28Updated 4 years ago
- ☆35Updated 4 years ago
- Driver Loader/BE Bypass/Win Malware(lol)☆34Updated 5 years ago
- simply manual map any system image☆17Updated 4 years ago
- Intel learning hypervisor and some extend function☆22Updated 5 months ago
- battleye shellcode☆18Updated 5 years ago
- ☆36Updated 4 years ago
- win32/x64 obfuscate framework☆32Updated 6 years ago
- ☆24Updated last year
- x64 injector using LoadLibrary made in assembler (MASM)☆26Updated 6 years ago
- A poc that abuses Enclave☆38Updated 2 years ago
- x64 assembler library☆31Updated 11 months ago
- ☆30Updated 2 years ago
- Memory Guard Library☆11Updated 4 years ago
- comparing data of module exports from disk and memory, then caching any differences.☆22Updated 3 years ago
- Undocumented NsiAllocateAndGetTable usage in GetTcpTableInternal reverse engineered on Win7 X64☆20Updated 7 years ago
- viewing page boundaries of pages with PAGE_NOACCESS protection reveals the presence of x64dbg.☆23Updated 8 years ago