TheDuchy / rdtsc-cpuid-vm-check
PoC that measures how long it takes the CPU to execute the CPUID instruction and reports if it suspects a VM. Works on both Windows and Linux.
☆23Updated 4 years ago
Related projects ⓘ
Alternatives and complementary repositories for rdtsc-cpuid-vm-check
- Binary rewriter for 64-bit PE files.☆43Updated 9 months ago
- C/C++ antidebugging library for 32 and 64 bit processors☆12Updated 4 months ago
- Me fockin' pe protector☆45Updated 2 years ago
- Helper script for Windows kernel debugging with IDA Pro on VMware + GDB stub (including PDB symbols)☆62Updated last year
- x64 Windows implementation of virtual-address to physical-address translation☆41Updated 3 years ago
- A basic Secure Virtual Machine hypervisor☆20Updated 3 years ago
- A library for intel VT-x hypervisor functionality supporting EPT shadowing.☆48Updated 3 years ago
- Windows kernel driver template for cmkr and llvm-msvc.☆33Updated 11 months ago
- ZeroImport is a lightweight and easy to use C++ library for Windows Kernel Drivers. It allows you to hide any import in your kernel drive…☆46Updated last year
- CMake template for a basic EFI application/bootkit. This library is header-only, there is no EDK2 runtime!).☆76Updated 2 years ago
- ☆25Updated 3 years ago
- vdk is a set of utilities used to help with exploitation of a vulnerable driver.☆39Updated 2 years ago
- How Meltdown and Spectre haunt Anti-Cheat: DVRT details☆20Updated 3 months ago
- ☆57Updated 2 years ago
- Windows PDB parser for kernel-mode environment.☆90Updated last year
- My research WIP bluepill hypervisor☆41Updated last year
- An extended proof-of-concept for the CVE-2021-21551 Dell ‘dbutil_2_3.sys’ Kernel Exploit☆23Updated 3 years ago
- PDB Rewriting Rust Library☆20Updated 6 months ago
- Helper Script to convert a Windbg dumped structure (using the 'dt' command) into a C structure. It creates dummy structs for you if neede…☆26Updated last year
- Visual Studio Project example for using Microsoft's STL in WDM (Windows Kernel-mode Driver)☆23Updated 3 years ago
- Disassembler for Zeus VM custom instruction set☆24Updated 9 months ago
- Hooking the GDT - Installing a Call Gate. POC for Rootkit Arsenal Book Second Edition (version 2022)☆69Updated last year
- Provides commands to read from and write to arbitrary kernel-mode memory for users with the Administrator privilege. HVCI compatible. No …☆15Updated 5 months ago
- A basic 100 loc CPU emulator using the existing code of ntoskrnl.exe☆69Updated last year
- A native Windows library for intercepting kernel-to-user transitions using instrumentation callbacks☆16Updated 9 months ago
- A intel hypervisor, implementing many virtualization techniques☆37Updated last year
- Demonstrate calling a kernel function and handle process creation callback against HVCI☆48Updated last year
- Proof-of-concept game using VBS enclaves to protect itself from cheating☆19Updated last week
- intel vt-x type 2 hypervisor☆48Updated 5 months ago
- A thin introspection hypervisor framework that allows for low level resource manipulation.☆12Updated 9 months ago