VollRagm / PTViewLinks
Browse Page Tables on Windows (Page Table Viewer)
☆210Updated 3 years ago
Alternatives and similar repositories for PTView
Users that are interested in PTView are comparing it to the libraries listed below
Sorting:
- ☆145Updated 4 years ago
- Analyze patches in a process☆254Updated 3 years ago
- ☆208Updated 2 years ago
- Kernel driver for detecting Intel VT-x hypervisors.☆188Updated last year
- Demo proof of concept for shadow regions, and implementation of HyperDeceit.☆280Updated 2 years ago
- C++ library for parsing and manipulating PE files statically and dynamically.☆88Updated last year
- x64 Windows PatchGuard bypass, register process-creation callbacks from unsigned code☆204Updated 4 years ago
- Load your driver like win32k.sys☆255Updated 2 years ago
- A proof of concept demonstrating instrumentation callbacks on Windows 10 21h1 with a TLS variable to ensure all syscalls are caught.☆136Updated 3 years ago
- Collection of hypervisor detections☆239Updated 8 months ago
- A mapper that maps shellcode into loaded large page drivers☆283Updated 3 years ago
- Ghetto user mode emulation of Windows kernel drivers.☆140Updated 8 months ago
- Elevate a process to be a protected process☆150Updated 5 years ago
- Hooking Windows' exception dispatcher to protect process's PML4☆178Updated 5 months ago
- ☆181Updated 3 years ago
- Kernel LdrLoadDll injector☆260Updated 6 years ago
- Vectored Exception Handling Hooking Class☆159Updated 6 years ago
- Demystifying PatchGuard is a comprehensive analysis of Microsoft's security feature called PatchGuard, which is designed to prevent unaut…☆122Updated 2 years ago
- x64 Windows kernel code execution via user-mode, arbitrary syscall, vulnerable IOCTLs demonstration☆330Updated 2 years ago
- ☆153Updated 5 years ago
- Hygieia, a vulnerable driver traces scanner written in C++ as an x64 Windows kernel driver.☆145Updated 3 years ago
- 🪝 Different aproaches to detecting EPT hooks☆112Updated 3 years ago
- Easy Anti PatchGuard☆221Updated 4 years ago
- This project migrated to https://github.com/backengineering/llvm-msvc☆143Updated last year
- Resolve DOS MZ executable symbols at runtime☆95Updated 3 years ago
- load unsigned kernel-driver by patching dse in 248 lines☆124Updated last year
- Achieve arbitrary kernel read/writes/function calling in Hypervisor-Protected Code Integrity (HVCI) protected environments calling withou…☆206Updated 7 months ago
- Manual mapper that uses PTE manipulation, Virtual Address Descriptor (VAD) manipulation, and forceful memory allocation to hide executabl…☆332Updated 3 years ago
- Kernel Lazy Importer☆121Updated last year
- Detect-KeAttachProcess by iterating through all processes as well as checking the context of the thread.☆113Updated 3 years ago