C# Kernel Mode Driver example using NativeAOT
☆191Jan 3, 2022Updated 4 years ago
Alternatives and similar repositories for KernelSharp
Users that are interested in KernelSharp are comparing it to the libraries listed below
Sorting:
- C# Kernel Mode Driver to read and write memory in protected processes☆386Aug 3, 2023Updated 2 years ago
- Bringing kernel driver to C# with NativeAOT (Surpassed by https://github.com/ZeroLP/WDK.NET)☆47Nov 15, 2022Updated 3 years ago
- Windows Kernel Driver Development in C# with Windows Driver Kit (WDK)☆87Nov 22, 2022Updated 3 years ago
- Hex-Rays microcode plugin for automated simplification of Windows Kernel decompilation.☆657Jan 28, 2025Updated last year
- A Proof-of-Concept implementation for Proxy Object Obfuscation in .NET☆48Jan 8, 2023Updated 3 years ago
- Universal unpacker and fixer for a number of modded ConfuserEx protections☆107Nov 13, 2020Updated 5 years ago
- Easy Anti PatchGuard☆223Apr 9, 2021Updated 4 years ago
- ☆31Oct 1, 2021Updated 4 years ago
- Yet another CawkVM unpacker...☆80Feb 24, 2023Updated 3 years ago
- ☆46Nov 6, 2021Updated 4 years ago
- Kernel DLL Injector using NX Bit Swapping and VAD hide for hiding injected DLL☆219Nov 12, 2020Updated 5 years ago
- Utility that tries to generate every single CIL opcode possible in a valid context.☆28Sep 7, 2022Updated 3 years ago
- Detect-KeAttachProcess by iterating through all processes as well as checking the context of the thread.☆121Feb 8, 2022Updated 4 years ago
- Packer compressing .net assemblies, (ab)using the PE format for data storage☆177Jan 14, 2023Updated 3 years ago
- Fetch PDB symbols directly from Microsoft's symbol servers☆48Oct 22, 2025Updated 4 months ago
- ☆31Jan 12, 2022Updated 4 years ago
- Dumping processes using the power of kernel space !☆1,044Nov 6, 2023Updated 2 years ago
- VMUnprotect can dynamically log and manipulate calls from virtualized methods by VMProtect.☆478Apr 16, 2023Updated 2 years ago
- Bootkit for Windows Sandbox to disable DSE/PatchGuard.☆318Oct 13, 2024Updated last year
- HookDetector.NET is a .NET Library to detect hooks in API functions☆27Nov 21, 2020Updated 5 years ago
- Lightweight x86-64 disassembling library☆44Aug 22, 2022Updated 3 years ago
- Rendering on external windows via hijacking thread contexts☆404Jun 28, 2020Updated 5 years ago
- x86 PE Mutator☆233Dec 24, 2022Updated 3 years ago
- A library for creating, reading and editing PE files and .NET modules.☆1,049Updated this week
- System call hook for Windows 10 20H1☆496Jun 26, 2021Updated 4 years ago
- Hygieia, a vulnerable driver traces scanner written in C++ as an x64 Windows kernel driver.☆151Feb 12, 2022Updated 4 years ago
- The program draws with win32k gdi functions in the kernel while NtGdiDdDDISubmitCommand is being hooked.☆345Apr 27, 2020Updated 5 years ago
- windows kernelmode driver to inject dll into each and every process and perform systemwide function hooking☆53Aug 28, 2022Updated 3 years ago
- WinXPSP2.Cermalus on stereoids, supporting all 32 bits Windows version. Windows Kernel Virus stuff for noobs☆18Aug 11, 2023Updated 2 years ago
- Dynamic Taint Analysis versus Obfuscated Self-Checking☆16Sep 5, 2021Updated 4 years ago
- Small handy tool for crafting shellcodes by hand.☆18Apr 20, 2022Updated 3 years ago
- A simple x86_64 AMD-v hypervisor type-2 Programmed with C++, with soon to be added syscall hooks. [W.I.P]☆104Aug 3, 2023Updated 2 years ago
- Stealthy UM <-> KM communication system without creating any system threads, permanent hooks, driver objects, section objects or device o…☆379Mar 15, 2024Updated last year
- x64Dbg plugin that enables C# plugins with hot-loading support and scripting.☆233Apr 12, 2024Updated last year
- Generic static analysis framework.☆250Updated this week
- A VMP to VTIL lifter.☆445May 20, 2021Updated 4 years ago
- Clone running process with ZwCreateProcess☆59Nov 8, 2020Updated 5 years ago
- Universal x86/x64 VMProtect 2.0-3.X Import fixer☆20Dec 29, 2021Updated 4 years ago
- Lua in kernel-mode because why not.☆367Dec 3, 2021Updated 4 years ago