adrianyy / KeInject
Kernel LdrLoadDll injector
☆258Updated 6 years ago
Related projects ⓘ
Alternatives and complementary repositories for KeInject
- x64 Windows kernel code execution via user-mode, arbitrary syscall, vulnerable IOCTLs demonstration☆226Updated 2 years ago
- ☆152Updated 5 years ago
- Vectored Exception Handling Hooking Class☆145Updated 5 years ago
- Elevate a process to be a protected process☆143Updated 5 years ago
- Analyze patches in a process☆247Updated 3 years ago
- Easy Anti PatchGuard☆214Updated 3 years ago
- Kernel DLL Injector using NX Bit Swapping and VAD hide for hiding injected DLL☆201Updated 4 years ago
- Loads a signed kernel driver which allows you to map any driver to kernel mode without any traces of the signed / mapped driver.☆279Updated 3 years ago
- Load your driver like win32k.sys☆246Updated 2 years ago
- The program draws with win32k gdi functions in the kernel while NtGdiDdDDISubmitCommand is being hooked.☆251Updated 4 years ago
- Hide codes/data in the kernel address space.☆185Updated 3 years ago
- A mapper that maps shellcode into loaded large page drivers☆229Updated 2 years ago
- A proof of concept demonstrating instrumentation callbacks on Windows 10 21h1 with a TLS variable to ensure all syscalls are caught.☆117Updated 3 years ago
- ☆177Updated 2 years ago
- The Kernel-Mode Winsock library, supporting TCP, UDP and Unix sockets (DGRAM and STREAM).☆232Updated 7 months ago
- x64 Windows PatchGuard bypass, register process-creation callbacks from unsigned code☆197Updated 3 years ago
- This project migrated to https://github.com/backengineering/llvm-msvc☆140Updated last year
- Kernel Inject DLL☆343Updated last year
- Memory hacking library powered by AMD SVM☆297Updated last year
- Manual DLL Injector using Thread Hijacking.☆231Updated 7 years ago
- An Injector that can inject dll into game process protected by anti cheat using SetWindowsHookEx.☆238Updated 5 years ago
- Browse Page Tables on Windows (Page Table Viewer)☆185Updated 2 years ago
- Windows inline hooking tool.☆228Updated 6 years ago
- Manual mapper that uses PTE manipulation, Virtual Address Descriptor (VAD) manipulation, and forceful memory allocation to hide executabl…☆290Updated 2 years ago
- Code for Battleyes shellcode☆212Updated 3 years ago
- Hooking kernel functions by abusing alignment☆238Updated 3 years ago
- Using CVE-2023-21768 to manual map kernel mode driver☆176Updated last year
- ☆139Updated 3 years ago
- Windows Driver Kit Extesion Header (Undoc)☆132Updated 3 years ago