VollRagm / PTView

Related projects ⓘ

Alternatives and complementary repositories for PTView

• jonomango / nohv
  Kernel driver for detecting Intel VT-x hypervisors.
  ☆170Updated last year
• mike1k / pepp
  C++ library for parsing and manipulating PE files statically and dynamically.
  ☆87Updated last year
• thesecretclub / callout-poc
  ☆139Updated 3 years ago
• mike1k / HookHunter
  Analyze patches in a process
  ☆247Updated 3 years ago
• kkent030315 / NoPatchGuardCallback
  x64 Windows PatchGuard bypass, register process-creation callbacks from unsigned code
  ☆196Updated 3 years ago
• Deputation / instrumentation_callbacks
  A proof of concept demonstrating instrumentation callbacks on Windows 10 21h1 with a TLS variable to ensure all syscalls are caught.
  ☆117Updated 3 years ago
• hoangprod / LeoSpecial-VEH-Hook
  Vectored Exception Handling Hooking Class
  ☆145Updated 5 years ago
• kkent030315 / NtSymbol
  Resolve DOS MZ executable symbols at runtime
  ☆93Updated 3 years ago
• kkent030315 / anycall
  x64 Windows kernel code execution via user-mode, arbitrary syscall, vulnerable IOCTLs demonstration
  ☆226Updated 2 years ago
• Xyrem / Yumekage
  Demo proof of concept for shadow regions, and implementation of HyperDeceit.
  ☆267Updated last year
• can1357 / physical_mem_controller
  A library to read physical memory and system-wide virtual memory.
  ☆122Updated 6 years ago
• not-matthias / Nemesis
  A customizable process dumper.
  ☆129Updated 5 years ago
• gmh5225 / CallMeWin32kDriver
  Load your driver like win32k.sys
  ☆246Updated 2 years ago
• MellowNight / AetherVisor
  Memory hacking library powered by AMD SVM
  ☆297Updated last year
• Deputation / hygieia
  Hygieia, a vulnerable driver traces scanner written in C++ as an x64 Windows kernel driver.
  ☆136Updated 2 years ago
• notscimmy / pplib
  Elevate a process to be a protected process
  ☆142Updated 5 years ago
• not-wlan / driver-hijack
  ☆153Updated 5 years ago
• 1401199262 / Hook-KdTrap
  ☆193Updated last year
• VollRagm / lpmapper
  A mapper that maps shellcode into loaded large page drivers
  ☆229Updated 2 years ago
• btbd / wpp
  Intercepting DeviceControl via WPP
  ☆127Updated 5 years ago
• hfiref0x / WubbabooMark
  Debugger Anti-Detection Benchmark
  ☆291Updated 11 months ago
• SamuelTulach / memhv
  Minimalistic AMD-V/SVM hypervisor with memory introspection capabilities
  ☆182Updated 5 months ago
• adrianyy / KeInject
  Kernel LdrLoadDll injector
  ☆258Updated 6 years ago
• 0xcpu / WinAltSyscallHandler
  Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999
  ☆206Updated 5 years ago
• not-wlan / instrumentation-callbacks
  based on https://github.com/secrary/Hooking-via-InstrumentationCallback
  ☆67Updated 5 years ago
• can1357 / hvdetecc
  Collection of hypervisor detections
  ☆189Updated last month
• waryas / KACE
  Emulate Drivers in RING3 with self context mapping or unicorn
  ☆302Updated 2 years ago
• skadro-official / PE-Dump-Fixer
  PE-Dump-Fixer
  ☆102Updated 4 years ago
• dennisbabkin / InjectAll
  Tutorial & a blog post that demonstrate how to code a Windows driver to inject a custom DLL into all running processes. I coded it from s…
  ☆123Updated 3 years ago
• Deputation / pagewalkr
  An x64 page table iterator written in C++ as a kernel mode windows driver.
  ☆103Updated 3 years ago