clearing traces of a loaded driver
☆47Jul 2, 2022Updated 3 years ago
Alternatives and similar repositories for ClearDriverTraces
Users that are interested in ClearDriverTraces are comparing it to the libraries listed below
Sorting:
- Stealing signatures from pe files☆15Apr 1, 2025Updated 10 months ago
- Inject dll to process in driver☆10Aug 27, 2024Updated last year
- Walks the Process' VAD list to grab the PTE's corresponding to a usermode virtual address, all to get the physical address☆23Nov 22, 2021Updated 4 years ago
- Drawing from kernelmode without any hooks☆174Jul 7, 2022Updated 3 years ago
- ☆23Oct 28, 2020Updated 5 years ago
- ☆73Aug 31, 2022Updated 3 years ago
- Walks through the 4-level paging structures in Windows x64☆13Feb 12, 2023Updated 3 years ago
- A Simple Example☆23Nov 30, 2018Updated 7 years ago
- Compileable POC of namazso's x64 return address spoofer.☆50Jun 10, 2020Updated 5 years ago
- LPC (Local Procedure Call) is a portion of Windows NT kernel, used for fast communication between threads or processes. It can be also us…☆15Mar 21, 2021Updated 4 years ago
- Some drivers I've written while solving exercises from Practical Reverse Engineering☆15Jan 9, 2022Updated 4 years ago
- A simple way to spoof return addresses using an exception handler☆43Aug 3, 2022Updated 3 years ago
- Intraceptor intercept Windows NT API calls and redirect them to a kernel driver to bypass process/threads handle protections.☆32May 18, 2022Updated 3 years ago
- eac memory sig maker☆14Jun 10, 2021Updated 4 years ago
- IO隐藏通信封装☆17May 31, 2021Updated 4 years ago
- An example code of CiGetCertPublisherName☆17Mar 24, 2022Updated 3 years ago
- detect hypervisor with Nmi Callback☆42Sep 25, 2022Updated 3 years ago
- base for testing☆186Sep 28, 2024Updated last year
- windows kernel pagehook☆41Oct 30, 2022Updated 3 years ago
- ☆223Mar 11, 2023Updated 2 years ago
- Hide codes/data in the kernel address space.☆188May 8, 2021Updated 4 years ago
- This is a simple project of a driver + usermode.☆168Jan 31, 2022Updated 4 years ago
- This project will give you an example how you can hook a kernel vtable function that cannot be directly called☆84Dec 25, 2021Updated 4 years ago
- Kernel DLL Injector using NX Bit Swapping and VAD hide for hiding injected DLL☆219Nov 12, 2020Updated 5 years ago
- it's a driver injector or driver loader header lib(Windows)☆12Aug 5, 2023Updated 2 years ago
- A specially crafted IOCTL can be issued to the rzpnk.sys driver in Razer Synapse 2.20.15.1104 that is forwarded to ZwOpenProcess allowing…☆14Nov 8, 2020Updated 5 years ago
- mash hypervisor host pml4☆17Jun 22, 2022Updated 3 years ago
- Kernel mode to user mode injector☆11Mar 31, 2020Updated 5 years ago
- Visual Studio template for GNU-EFI☆16May 16, 2022Updated 3 years ago
- InfinityHookProMax: Make InfinityHook great great again☆52Aug 25, 2023Updated 2 years ago
- Hijack NotifyRoutine for a kernelmode thread☆41Jun 4, 2022Updated 3 years ago
- hidden_syscall - syscaller without using syscall instruction in code☆63Jan 23, 2023Updated 3 years ago
- A C++ syscall ID extractor for Windows. Developed, debugged and tested on 20H2.☆21May 25, 2021Updated 4 years ago
- Modified version of face injector v2, added some things and alternative injection method. TAGS: fortnite cheat, fortnite injector☆78May 26, 2022Updated 3 years ago
- ☆10Jul 18, 2022Updated 3 years ago
- Simple IOCTL hooking driver for Kernel- User - Mode communication.☆11Jul 26, 2020Updated 5 years ago
- ☆74Jan 15, 2022Updated 4 years ago
- Calling "own" MouseClassServiceCallback☆76Jul 28, 2022Updated 3 years ago
- csgo external running from kernelmode☆106Nov 29, 2022Updated 3 years ago