VollRagm / PTViewLinks
Browse Page Tables on Windows (Page Table Viewer)
☆212Updated 3 years ago
Alternatives and similar repositories for PTView
Users that are interested in PTView are comparing it to the libraries listed below
Sorting:
- ☆148Updated 4 years ago
- Kernel driver for detecting Intel VT-x hypervisors.☆189Updated 2 years ago
- A proof of concept demonstrating instrumentation callbacks on Windows 10 21h1 with a TLS variable to ensure all syscalls are caught.☆137Updated 3 years ago
- Demo proof of concept for shadow regions, and implementation of HyperDeceit.☆285Updated 2 years ago
- Ghetto user mode emulation of Windows kernel drivers.☆144Updated 9 months ago
- Load your driver like win32k.sys☆254Updated 2 years ago
- nmi stackwalking + module verification☆128Updated last year
- ☆153Updated 5 years ago
- Analyze patches in a process☆255Updated 4 years ago
- a minimalistic windows hypervisor for amd processors☆123Updated 3 years ago
- memory introspection and reverse engineering hypervisor powered by leveraging Hyper-V☆258Updated 2 weeks ago
- Hooking Windows' exception dispatcher to protect process's PML4☆188Updated 6 months ago
- Hygieia, a vulnerable driver traces scanner written in C++ as an x64 Windows kernel driver.☆145Updated 3 years ago
- Easy Anti PatchGuard☆224Updated 4 years ago
- ☆213Updated 2 years ago
- x64 Windows PatchGuard bypass, register process-creation callbacks from unsigned code☆206Updated 4 years ago
- This project migrated to https://github.com/backengineering/llvm-msvc☆145Updated last year
- Bypassing PatchGuard on modern x64 systems☆263Updated 2 years ago
- A mapper that maps shellcode into loaded large page drivers☆290Updated 3 years ago
- C++ library for parsing and manipulating PE files statically and dynamically.☆88Updated last year
- x64 Windows kernel code execution via user-mode, arbitrary syscall, vulnerable IOCTLs demonstration☆332Updated 3 years ago
- Collection of hypervisor detections☆246Updated 10 months ago
- Vectored Exception Handling Hooking Class☆163Updated 6 years ago
- A library to read physical memory and system-wide virtual memory.☆126Updated 7 years ago
- Tutorial & a blog post that demonstrate how to code a Windows driver to inject a custom DLL into all running processes. I coded it from s…☆136Updated 4 years ago
- Elevate a process to be a protected process☆151Updated 5 years ago
- load unsigned kernel-driver by patching dse in 248 lines☆129Updated last year
- Proof of concept on how to bypass some limitations of a manual mapped driver☆172Updated 4 years ago
- Debugger Anti-Detection Benchmark☆347Updated 2 weeks ago
- 🪝 Different approaches for EPT hook detection☆115Updated this week