Y33Tcoder / EventSyncDriver
Manually Mapped Windows Kernel Driver + Usermode API for Arbitrary R/W to UM process via a UM thread trapped in kernel, synchronized with Windows Event Objects
☆13Updated 3 years ago
Related projects: ⓘ
- ☆18Updated last year
- RWX Section Abusing☆16Updated 10 months ago
- POC kernel driver with hidden system thread☆10Updated 4 months ago
- Stealing signatures from pe files☆15Updated 2 years ago
- Patches DSE by swapping both data ptrs located in SeValidateImageHeader && SeValidateImageData☆19Updated 7 months ago
- ☆11Updated 3 years ago
- Not mine. Only for saving☆20Updated 2 years ago
- search for a driver/dll module that has a wanted section bigger than the size of your image☆21Updated 3 years ago
- ☆23Updated last year
- ☆11Updated 5 years ago
- hooks gServerHandlers xxxEventWndProc☆12Updated 2 years ago
- A Simple Example☆19Updated 5 years ago
- Hijack NotifyRoutine for a kernelmode thread☆40Updated 2 years ago
- ☆19Updated 2 years ago
- ☆19Updated 7 months ago
- ☆15Updated this week
- ☆12Updated 2 years ago
- Illustrates the concept of return address spoofing, and how it is used.☆14Updated 4 years ago
- Logging library for kernel drivers written for the Windows NT operating system.☆17Updated 3 months ago
- simply manual map any system image☆16Updated 3 years ago
- Communicate from ring-0 to ring-3 using NamedPipes.☆9Updated last year
- Disable threat tracing from the kernel..☆12Updated 2 years ago
- A resource for thread hijacking and manual mapping code, that works with MEM_MAPPED & MEM_IMAGE.☆22Updated 3 years ago
- ☆28Updated this week
- Register a callback from a Manually mapped kernel module☆11Updated 2 years ago
- An example code of CiGetCertPublisherName☆14Updated 2 years ago
- IO隐藏通信封装☆14Updated 3 years ago
- ☆10Updated 2 years ago
- ☆15Updated 3 years ago
- x64 assembler library☆32Updated 3 months ago