Ynob2000 / MappedCallback
Register a callback in Kernel from a manually mapped driver
☆41Updated 3 years ago
Alternatives and similar repositories for MappedCallback:
Users that are interested in MappedCallback are comparing it to the libraries listed below
- ☆69Updated 2 years ago
- Hiding a system thread against conventional means of detection☆40Updated 4 years ago
- 将驱动映射到会话空间☆34Updated 2 years ago
- A library to assist with memory & code protection.☆56Updated last year
- Mapping your code on a 0x1000 size page☆72Updated 2 years ago
- Discarded Section Manual Map☆67Updated 4 years ago
- A method to Disable DSE using .data ptr hooks☆30Updated last year
- UM-KM Communication using registry callbacks☆39Updated 4 years ago
- ☆30Updated 2 years ago
- POC Hook of nt!HvcallCodeVa☆51Updated 2 years ago
- ☆26Updated last year
- PsSetCreateProcessNotifyRoutine bypass proof-of-concept for manual mapped drivers☆31Updated 3 years ago
- ☆25Updated last year
- ☆48Updated 3 years ago
- ☆38Updated 2 years ago
- clearing traces of a loaded driver☆47Updated 2 years ago
- A simple ida python script to find .data ptr☆51Updated 2 years ago
- Windows Kernel nt files - To research windows kernel☆15Updated 4 years ago
- POC usermode <=> kernel communication via ALPC.☆53Updated 11 months ago
- A simple MmCopyMemory hook.☆37Updated 2 years ago
- ☆53Updated 2 years ago
- Old way for blocking NMI interrupts☆26Updated 2 years ago
- ☆10Updated 2 years ago
- ☆30Updated 7 months ago
- ☆46Updated 3 years ago
- ☆47Updated 4 years ago
- Windows Kernel Misc☆23Updated last year
- Translate virtual addresses to physical addresses from usermode.☆37Updated 11 months ago
- page table manipulation to gain physical r/w☆41Updated last year
- Freeze target threads (external - internal ) by avoiding SuspendThread detections. Or access registers from start address.☆32Updated last year