☆68Dec 17, 2020Updated 5 years ago
Alternatives and similar repositories for Errata1337
Users that are interested in Errata1337 are comparing it to the libraries listed below
Sorting:
- ☆17Oct 31, 2022Updated 3 years ago
- Figuring out the cause of a handle downgrade☆24Dec 13, 2022Updated 3 years ago
- A simple example how to decrypt kernel debugger data block☆32Feb 8, 2021Updated 5 years ago
- An example code of CiGetCertPublisherName☆16Mar 24, 2022Updated 3 years ago
- Intercepting DeviceControl via WPP☆138Nov 18, 2019Updated 6 years ago
- Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999☆241Nov 6, 2019Updated 6 years ago
- Detect removed thread from PspCidTable.☆75Mar 18, 2022Updated 3 years ago
- ☆15Oct 7, 2020Updated 5 years ago
- Custom KiSystemStartup, can be used to modificate kernel before boot.☆53Apr 7, 2022Updated 3 years ago
- Driver and WinDBG scripts to dump information about all resources and lookaside lists☆66Apr 4, 2020Updated 5 years ago
- Easily hook WIN32 x64 functions☆18Feb 19, 2025Updated last year
- Hook NtDeviceIoControlFile with PatchGuard☆107May 10, 2022Updated 3 years ago
- Driver Loader/BE Bypass/Win Malware(lol)☆36Jun 25, 2019Updated 6 years ago
- Hiding a system thread against conventional means of detection☆42Oct 7, 2020Updated 5 years ago
- Using NtCreateFile and NtDeviceIoControlFile to realize the function of winsock(利用NtCreateFile和NtDeviceIoControlFile 实现winsock的功能)☆128Sep 9, 2022Updated 3 years ago
- Undocumented NsiAllocateAndGetTable usage in GetTcpTableInternal reverse engineered on Win7 X64☆20Apr 7, 2018Updated 7 years ago
- A virtualization-based endpoint security solution for Windows☆88May 23, 2021Updated 4 years ago
- Communication via callback☆73Oct 9, 2019Updated 6 years ago
- Resolve DOS MZ executable symbols at runtime☆96Nov 12, 2021Updated 4 years ago
- A native hypervisor designed for the Windows operating system☆125Mar 6, 2021Updated 5 years ago
- Hooking the GDT - Installing a Call Gate. POC for Rootkit Arsenal Book Second Edition (version 2022)☆73Aug 11, 2023Updated 2 years ago
- CallMon is an experimental system call monitoring tool that works on Windows 10 versions 2004+ using PsAltSystemCallHandlers☆145Sep 5, 2020Updated 5 years ago
- ☆34Apr 11, 2023Updated 2 years ago
- NT reversal☆25Jul 12, 2018Updated 7 years ago
- Easy Anti PatchGuard☆223Apr 9, 2021Updated 4 years ago
- The sample DXE runtime driver demonstrating how to program DMA remapping.☆73Dec 27, 2023Updated 2 years ago
- Exploring Windows Internals.☆64Aug 18, 2020Updated 5 years ago
- Mapping your code on a 0x1000 size page☆71May 20, 2022Updated 3 years ago
- simply manual map any system image☆18Feb 1, 2021Updated 5 years ago
- A driver that supports communication between a Windows guest and HyperWin☆15Jan 6, 2021Updated 5 years ago
- Demystifying PatchGuard is a comprehensive analysis of Microsoft's security feature called PatchGuard, which is designed to prevent unaut…☆132Apr 26, 2023Updated 2 years ago
- Lightweight type-1 hypervisor offering a foundation for building advanced security-focused functionality.☆282Feb 16, 2026Updated 3 weeks ago
- ☆99Oct 6, 2017Updated 8 years ago
- win32/x64 obfuscate framework☆33Apr 16, 2019Updated 6 years ago
- API monitoring via return-hijacking thunks; works without information about target function prototypes.☆117May 26, 2020Updated 5 years ago
- Kernel Detective☆151Aug 12, 2022Updated 3 years ago
- Old way for blocking NMI interrupts☆29Sep 6, 2022Updated 3 years ago
- Command like tool to print mitigation flags for running processes in a memory dump☆47Sep 18, 2020Updated 5 years ago
- Detect-KeAttachProcess by iterating through all processes as well as checking the context of the thread.☆121Feb 8, 2022Updated 4 years ago