C# Kernel Mode Driver example using NativeAOT
☆192Jan 3, 2022Updated 4 years ago
Alternatives and similar repositories for KernelSharp
Users that are interested in KernelSharp are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- C# Kernel Mode Driver to read and write memory in protected processes☆386Aug 3, 2023Updated 2 years ago
- Bringing kernel driver to C# with NativeAOT (Surpassed by https://github.com/ZeroLP/WDK.NET)☆47Nov 15, 2022Updated 3 years ago
- Windows Kernel Driver Development in C# with Windows Driver Kit (WDK)☆87Nov 22, 2022Updated 3 years ago
- A Proof-of-Concept implementation for Proxy Object Obfuscation in .NET☆48Jan 8, 2023Updated 3 years ago
- Universal unpacker and fixer for a number of modded ConfuserEx protections☆108Nov 13, 2020Updated 5 years ago
- HookDetector.NET is a .NET Library to detect hooks in API functions☆27Nov 21, 2020Updated 5 years ago
- Hex-Rays microcode plugin for automated simplification of Windows Kernel decompilation.☆663Jan 28, 2025Updated last year
- Yet another CawkVM unpacker...☆80Feb 24, 2023Updated 3 years ago
- ☆46Nov 6, 2021Updated 4 years ago
- Packer compressing .net assemblies, (ab)using the PE format for data storage☆177Jan 14, 2023Updated 3 years ago
- NativeAOT assisted native .NET DLL injection☆39Nov 9, 2022Updated 3 years ago
- Experimental Research .NET Anti-Cheat Framework (NACF)☆23May 21, 2021Updated 4 years ago
- VMUnprotect can dynamically log and manipulate calls from virtualized methods by VMProtect.☆481Apr 16, 2023Updated 2 years ago
- Generic static analysis framework.☆254Mar 9, 2026Updated 2 weeks ago
- A library for creating, reading and editing PE files and .NET modules.☆1,057Updated this week
- ☆31Oct 1, 2021Updated 4 years ago
- Easy Anti PatchGuard☆223Apr 9, 2021Updated 4 years ago
- ☆31Jan 12, 2022Updated 4 years ago
- ☆14Sep 22, 2023Updated 2 years ago
- Loads a signed kernel driver which allows you to map any driver to kernel mode without any traces of the signed / mapped driver.☆389Aug 8, 2021Updated 4 years ago
- ☆33Jul 6, 2020Updated 5 years ago
- Stealthy UM <-> KM communication system without creating any system threads, permanent hooks, driver objects, section objects or device o…☆381Mar 15, 2024Updated 2 years ago
- Fetch PDB symbols directly from Microsoft's symbol servers☆48Oct 22, 2025Updated 5 months ago
- Utility that tries to generate every single CIL opcode possible in a valid context.☆28Sep 7, 2022Updated 3 years ago
- Clone running process with ZwCreateProcess☆59Nov 8, 2020Updated 5 years ago
- Small handy tool for crafting shellcodes by hand.☆18Apr 20, 2022Updated 3 years ago
- Extracts the files embedded inside of a .NET AppHost.☆20Dec 13, 2025Updated 3 months ago
- Dumping processes using the power of kernel space !☆1,045Nov 6, 2023Updated 2 years ago
- Bootkit for Windows Sandbox to disable DSE/PatchGuard.☆321Oct 13, 2024Updated last year
- A VMP to VTIL lifter.☆446May 20, 2021Updated 4 years ago
- Some source code to demonstrate avoiding certain direct syscall detections by locating and JMPing to a legitimate syscall instruction wit…☆218Feb 20, 2023Updated 3 years ago
- Detect-KeAttachProcess by iterating through all processes as well as checking the context of the thread.☆121Feb 8, 2022Updated 4 years ago
- Rendering on external windows via hijacking thread contexts☆406Jun 28, 2020Updated 5 years ago
- ☆109Jun 30, 2021Updated 4 years ago
- Example JIT Hook for .NET FW/Core.☆54Feb 21, 2020Updated 6 years ago
- .NET flow analysis and emulation library☆25Oct 3, 2020Updated 5 years ago
- Think APIMonitor, but for .NET binaries.☆61Feb 22, 2023Updated 3 years ago
- Hiding the window from screenshots using the function win32kfull::GreProtectSpriteContent☆637Dec 26, 2024Updated last year
- .NET Virtualization made in C#☆89Jul 19, 2021Updated 4 years ago