allogic / KDBG
The Windows kernel debugger consists of two parts: KMOD, the kernel driver handling ring3 requests, and KCLI, the command line interface for the driver. It originated due to insufficient usability with CheatEngine's DBVM driver while debugging games running under certain AntiCheat software.
☆94 Updated 2 years ago
Alternatives and similar repositories for KDBG:
Users that are interested in KDBG are comparing it to the libraries listed below
- Detect-KeAttachProcess by iterating through all processes as well as checking the context of the thread. ☆112 Updated 3 years ago
- ☆79 Updated 3 years ago
- Handling C++ & __try exceptions without the need of built-in handlers. ☆69 Updated 3 years ago
- Some pseudo snippets from BattlEye's BEDaisy.sys loaded on Rainbow Six: Siege. ☆123 Updated 2 years ago
- Kernel driver that uses Shared memory to communicate with UserMode ☆85 Updated 5 years ago
- This project will give you an example of how you can hook a kernel vtable function that cannot be directly called ☆82 Updated 3 years ago
- ☆68 Updated 3 years ago
- An x64 page table iterator written in C++ as a kernel mode Windows driver. ☆108 Updated 3 years ago
- x64 manual mapper using inline syscalls ☆9 Updated 3 years ago
- base for testing ☆163 Updated 6 months ago
- Kernel Lazy Importer ☆111 Updated last year
- Scans all modules in target process for jmp/int3 hooks, disassembles them and follows jmps to destination. ☆75 Updated last year
- ☆52 Updated 2 years ago
- Static user/kernel mode library that allows access to all functions and global variables by extracting offsets from the PDB ☆84 Updated 2 weeks ago
- A basic demonstration of directly overwriting paging structures for physical memory r/w and interprocess memory copy ☆83 Updated last year
- A PoC for requesting HWIDs directly from hardware, skipping any potential hooks or OS support. ☆79 Updated 4 years ago
- ☆48 Updated last year
- Virtual and physical memory hacking library using gigabyte vulnerable driver ☆71 Updated 2 years ago
- A documented Windows x64 bit Usermode Injector that works via hooking IAT and hijacking its threads to execute shellcode. ☆64 Updated last year
- Kernel-based memory hacking framework communicating with a kernel driver via sockets. ☆92 Updated 3 years ago
- Hide external overlay by using SetWindowDisplayAffinity ☆93 Updated 3 years ago
- ☆42 Updated 3 years ago
- Bypassing EasyAntiCheat.sys self-integrity by abusing call hierarchy ☆81 Updated 2 years ago
- ☆68 Updated 2 years ago
- Easy Anti PatchGuard ☆214 Updated 4 years ago
- driver manual mapper powered by https://github.com/estimated1337/lenovo_exec ☆109 Updated 2 years ago
- DWM Overlay without write .text ☆79 Updated 6 months ago
- ☆45 Updated 3 years ago
- just proof of concept. hooking MmCopyMemory PG safe. ☆67 Updated last year
- ☆93 Updated last year