WCharacter / RDTSC-KVM-HandlerView external linksLinks
my patches for linux kernel to spoof rdtsc and make vm exit undetected
☆269Jul 7, 2024Updated last year
Alternatives and similar repositories for RDTSC-KVM-Handler
Users that are interested in RDTSC-KVM-Handler are comparing it to the libraries listed below
Sorting:
- PoC TSC offsetting in KVM☆135Oct 31, 2020Updated 5 years ago
- A patch to hide qemu itself, bypass mhyprot,EAC,nProtect / VMProtect,VProtect, Themida, Enigma Protector,Safegine Shielden☆1,379May 7, 2024Updated last year
- A guide for spoofing KVM☆129Nov 20, 2025Updated 2 months ago
- ☆15Oct 7, 2020Updated 5 years ago
- Kernel module to evade KVM's detection through RDTSC timer☆38Nov 15, 2021Updated 4 years ago
- An example code of CiGetCertPublisherName☆17Mar 24, 2022Updated 3 years ago
- Disks for DMA☆141Apr 28, 2021Updated 4 years ago
- ☆35Aug 7, 2020Updated 5 years ago
- Hygieia, a vulnerable driver traces scanner written in C++ as an x64 Windows kernel driver.☆150Feb 12, 2022Updated 4 years ago
- A library to read/write memory to Windows on KVM☆279Sep 11, 2020Updated 5 years ago
- physical memory introspection framework☆945Feb 5, 2026Updated last week
- A PoC for requesting HWIDs directly from hardware, skipping any potential hooks or OS support.☆89Mar 16, 2021Updated 4 years ago
- Old way for blocking NMI interrupts☆29Sep 6, 2022Updated 3 years ago
- 🪝 Various EPT hook detection approaches☆143Jul 29, 2025Updated 6 months ago
- base for testing☆186Sep 28, 2024Updated last year
- Discarded Section Manual Map☆68Jun 18, 2020Updated 5 years ago
- Browse Page Tables on Windows (Page Table Viewer)☆234Apr 2, 2022Updated 3 years ago
- Helper script for Windows kernel debugging with IDA Pro on VMware + GDB stub (including PDB symbols)☆68Aug 11, 2023Updated 2 years ago
- Detect removed thread from PspCidTable.☆75Mar 18, 2022Updated 3 years ago
- ☆47Feb 27, 2022Updated 3 years ago
- A simple x86_64 AMD-v hypervisor type-2 Programmed with C++, with soon to be added syscall hooks. [W.I.P]☆103Aug 3, 2023Updated 2 years ago
- A way to detect DBI frameworks, Debuggers and VMs.☆23Nov 17, 2020Updated 5 years ago
- An x64 page table iterator written in C++ as a kernel mode windows driver.☆117May 25, 2021Updated 4 years ago
- ☆421Jan 1, 2025Updated last year
- Emulate Drivers in RING3 with self context mapping or unicorn☆365Aug 18, 2022Updated 3 years ago
- QEMU patched to avoid detection from various anticheats such as Battleye/EAC☆85Jun 9, 2024Updated last year
- RDTSC Thingy☆23Jan 30, 2021Updated 5 years ago
- memflow command line interface☆18Sep 10, 2024Updated last year
- bypass CRC☆12May 3, 2018Updated 7 years ago
- A basic 100 loc CPU emulator using the existing code of ntoskrnl.exe☆75Aug 16, 2023Updated 2 years ago
- ☆28Nov 20, 2017Updated 8 years ago
- A simple password-based PE encryptor for Windows 32-bit executables.☆51Jan 9, 2025Updated last year
- Easy Anti PatchGuard☆223Apr 9, 2021Updated 4 years ago
- A native hypervisor designed for the Windows operating system☆125Mar 6, 2021Updated 4 years ago
- Detect-KeAttachProcess by iterating through all processes as well as checking the context of the thread.☆119Feb 8, 2022Updated 4 years ago
- memflow plugin for ReClass.NET☆24Jul 29, 2024Updated last year
- A Type-1 hypervisor aimed to implement kernel hotswapping☆30Feb 8, 2024Updated 2 years ago
- The Grimoire Hypervisor solution for x86 Processors with experimental nested virtualization support. Remastering with Rust in progress.☆606Feb 1, 2026Updated last week
- A library to develop kernel level Windows payloads for post HVCI era☆483May 18, 2021Updated 4 years ago