aaaddress1 / ntkrnlProtectScan
One Click Tool to Scan All the Enabled Protection of current Windows NT Kernel
☆43Updated last year
Alternatives and similar repositories for ntkrnlProtectScan:
Users that are interested in ntkrnlProtectScan are comparing it to the libraries listed below
- Windows AppLocker Driver (appid.sys) LPE☆53Updated 8 months ago
- ☆29Updated last year
- Windows 10 DLL Injector via Driver utilizing VAD and hiding the loaded driver☆50Updated last year
- A class to emulate the behavior of NtQuerySystemInformation when passed the SystemHypervisorDetailInformation information class☆26Updated last year
- havoc kaine plugin to mitigate PAGE_GUARD protected image headers using JOP gadgets☆26Updated 7 months ago
- https://github.com/janoglezcampos/c_syscalls with the ASM rewritten by myself for Visual Studio's Compiler.☆30Updated 9 months ago
- Research into removing strings & API call references at compile-time (Anti-Analysis)☆25Updated 9 months ago
- ☆37Updated last month
- HEVD Exploit: ArbitraryWrite on Windows 10 22H2 - Bypassing KVA Shadow and SMEP via PML4 Entry Manipulation☆24Updated 8 months ago
- ☆21Updated 11 months ago
- Proof-of-Concept for CVE-2024-26218☆50Updated 11 months ago
- Research of modifying exported function names at runtime (C/C++, Windows)☆17Updated 10 months ago
- Reimplementation of the KExecDD DSE bypass technique.☆47Updated 6 months ago
- API Hammering with C++20☆45Updated 2 years ago
- A fast method to intercept syscalls from any user-mode process using InstrumentationCallback and detect any process using Instrumentation…☆26Updated last year
- CVE-2024-40431+CVE-2022-25479 chain for EOP(DATA ONLY ATTACK)☆44Updated 5 months ago
- Simple PoC to locate hooked functions by EDR in ntdll.dll☆36Updated last year
- A pure C version of SymProcAddress☆26Updated last year
- Set the process mitigation policy for loading only Microsoft Modules , and block any userland 3rd party modules☆41Updated last year
- the Open Source and Pure C++ Packer for eXecutables☆18Updated 2 years ago
- An issue in AVG AVG Anti-Spyware v.7.5 allows an attacker to execute arbitrary code via a crafted script to the guard.exe component☆11Updated last year
- PoC exploit for HP Hardware Diagnostic's EtdSupp driver☆50Updated last year
- Callstack spoofing using a VEH because VEH all the things.☆19Updated last week
- yet another sleep encryption thing. also used the default github repo name for this one.☆70Updated last year
- A (quite) simple steganography algorithm to hide shellcodes within bitmap image.☆21Updated 10 months ago
- Your NTDLL vaccine from modern direct syscall methods.☆35Updated 2 years ago
- EvtPsst☆53Updated last year
- Demonstration of Early Bird APC Injection - MITRE ID T1055.004☆30Updated last year
- C# API for Nidhogg rootkit☆17Updated 11 months ago
- Section-based payload obfuscation technique for x64☆59Updated 7 months ago