clearing traces of a loaded driver
☆47Jul 2, 2022Updated 3 years ago
Alternatives and similar repositories for ClearDriverTraces
Users that are interested in ClearDriverTraces are comparing it to the libraries listed below
Sorting:
- Stealing signatures from pe files☆15Apr 1, 2025Updated 11 months ago
- Inject dll to process in driver☆10Aug 27, 2024Updated last year
- Walks the Process' VAD list to grab the PTE's corresponding to a usermode virtual address, all to get the physical address☆23Nov 22, 2021Updated 4 years ago
- Drawing from kernelmode without any hooks☆174Jul 7, 2022Updated 3 years ago
- LPC (Local Procedure Call) is a portion of Windows NT kernel, used for fast communication between threads or processes. It can be also us…☆15Mar 21, 2021Updated 4 years ago
- ☆73Aug 31, 2022Updated 3 years ago
- Walks through the 4-level paging structures in Windows x64☆13Feb 12, 2023Updated 3 years ago
- A Simple Example☆23Nov 30, 2018Updated 7 years ago
- Compileable POC of namazso's x64 return address spoofer.☆50Jun 10, 2020Updated 5 years ago
- Visual Studio template for GNU-EFI☆16May 16, 2022Updated 3 years ago
- Some drivers I've written while solving exercises from Practical Reverse Engineering☆15Jan 9, 2022Updated 4 years ago
- ☆225Mar 11, 2023Updated 3 years ago
- An example code of CiGetCertPublisherName☆16Mar 24, 2022Updated 3 years ago
- Intraceptor intercept Windows NT API calls and redirect them to a kernel driver to bypass process/threads handle protections.☆32May 18, 2022Updated 3 years ago
- IO隐藏通信封装☆17May 31, 2021Updated 4 years ago
- A simple way to spoof return addresses using an exception handler☆44Aug 3, 2022Updated 3 years ago
- Hide codes/data in the kernel address space.☆188May 8, 2021Updated 4 years ago
- Discarded Section Manual Map☆70Jun 18, 2020Updated 5 years ago
- This project will give you an example how you can hook a kernel vtable function that cannot be directly called☆84Dec 25, 2021Updated 4 years ago
- base for testing☆187Sep 28, 2024Updated last year
- Illustrates the concept of return address spoofing, and how it is used.☆14May 13, 2020Updated 5 years ago
- ☆10Jul 18, 2022Updated 3 years ago
- A specially crafted IOCTL can be issued to the rzpnk.sys driver in Razer Synapse 2.20.15.1104 that is forwarded to ZwOpenProcess allowing…☆14Nov 8, 2020Updated 5 years ago
- mash hypervisor host pml4☆17Jun 22, 2022Updated 3 years ago
- windows kernel pagehook☆42Oct 30, 2022Updated 3 years ago
- ☆23Oct 28, 2020Updated 5 years ago
- ☆158May 21, 2024Updated last year
- csgo external running from kernelmode☆106Nov 29, 2022Updated 3 years ago
- Hijack NotifyRoutine for a kernelmode thread☆41Jun 4, 2022Updated 3 years ago
- InfinityHookProMax: Make InfinityHook great great again☆52Aug 25, 2023Updated 2 years ago
- manually map driver for a signed driver memory space☆177Mar 11, 2021Updated 5 years ago
- it's a driver injector or driver loader header lib(Windows)☆12Aug 5, 2023Updated 2 years ago
- ☆12Oct 12, 2021Updated 4 years ago
- Kernel DLL Injector using NX Bit Swapping and VAD hide for hiding injected DLL☆220Nov 12, 2020Updated 5 years ago
- A very simple C++ library for download pdb, get rva of function, global variable and offset from struct.☆159Mar 26, 2024Updated last year
- ☆26Aug 7, 2023Updated 2 years ago
- bypass CRC☆12May 3, 2018Updated 7 years ago
- ☆23May 8, 2023Updated 2 years ago
- ☆174Mar 9, 2022Updated 4 years ago