SysCallHook / reg-expoit
☆10Updated this week
Related projects: ⓘ
- ☆13Updated this week
- UM-KM Communication using registry callbacks☆35Updated 4 years ago
- POC kernel driver with hidden system thread☆10Updated 4 months ago
- communicate with kernel using a image on disk☆15Updated 4 months ago
- ☆25Updated this week
- Proof of Concept Kernel-User Communication using System Thread.☆14Updated 11 months ago
- Old way for blocking NMI interrupts☆25Updated 2 years ago
- ☆12Updated 2 years ago
- Written in a couple hours, don't judge :)☆10Updated last year
- ☆23Updated this week
- A simple MmCopyMemory hook.☆32Updated 2 years ago
- ☆17Updated 2 years ago
- search for a driver/dll module that has a wanted section bigger than the size of your image☆21Updated 3 years ago
- An advanced DKOM for drivers with "DRIVER_OBJECT"☆17Updated last year
- ☆40Updated 2 years ago
- ☆29Updated 11 months ago
- 将驱动映射到会话空间☆32Updated 2 years ago
- Execute anything in a legit memory region by attacking a windows driver☆21Updated last year
- ☆3Updated last year
- ☆19Updated 2 years ago
- Patches DSE by swapping both data ptrs located in SeValidateImageHeader && SeValidateImageData☆19Updated 7 months ago
- Mapping your code on a 0x1000 size page☆66Updated 2 years ago
- ☆15Updated this week
- partially disable patchguard up to win11 21H2☆10Updated 3 months ago
- clearing traces of a loaded driver☆45Updated 2 years ago
- Header only UM AC "bypass"☆16Updated 4 months ago
- Freeze target threads (external - internal ) by avoiding SuspendThread detections. Or access registers from start address.☆29Updated 5 months ago
- Achieving code execution through abusing VEH☆15Updated last year
- ☆30Updated 2 years ago
- ☆31Updated this week