allogic / KDBG
The Windows kernel debugger consists of two parts: KMOD, the kernel driver that handles ring-3 requests, and KCLI, the command-line interface for the driver. It originated from the insufficient usability of CheatEngine's DBVM driver when debugging games running under certain anti-cheat software.
☆90 Updated 2 years ago
Related projects
Alternatives and complementary repositories for KDBG
- Bypassing EasyAntiCheat.sys self-integrity by abusing call hierarchy ☆78 Updated 2 years ago
- An x64 page table iterator written in C++ as a kernel mode windows driver. ☆104 Updated 3 years ago
- ☆132 Updated 10 months ago
- Drawing from kernelmode without any hooks ☆159 Updated 2 years ago
- Standard Kernel Library for Windows hacking in C++ ☆91 Updated 3 months ago
- base for testing ☆156 Updated last month
- Some pseudo snippets from BattlEye's BEDaisy.sys loaded on Rainbow Six: Siege. ☆121 Updated 2 years ago
- Kernel driver that uses Shared memory to communicate with UserMode ☆84 Updated 5 years ago
- This project will give you an example of how you can hook a kernel vtable function that cannot be directly called ☆80 Updated 2 years ago
- Shows an example of how to implement VT-d/AMD-Vi on Windows ☆81 Updated last year
- Detect-KeAttachProcess by iterating through all processes as well as checking the context of the thread. ☆110 Updated 2 years ago
- ☆70 Updated 2 years ago
- x64 manual mapper using inline syscalls ☆5 Updated 3 years ago
- Windows x64 mode: use SEH in a manually mapped DLL or manually mapped SYS ☆67 Updated 2 years ago
- DWM Overlay without modifying .text ☆45 Updated 2 months ago
- ☆83 Updated last year
- ☆78 Updated 3 years ago
- Kernel Lazy Importer ☆111 Updated 7 months ago
- reverse engineering of bedaisy.sys (BattlEye's kernel driver) - Aki2k/BEDaisy ☆59 Updated 4 years ago
- ☆159 Updated 2 years ago
- just proof of concept. hooking MmCopyMemory PG safe. ☆63 Updated last year
- InfinityHookProMax: Make InfinityHook great great again ☆42 Updated last year
- Kernel-Mode extended version of https://github.com/microsoft/Detours ☆144 Updated 2 years ago
- a Windows kernel PDB parsing and downloading library that runs purely in kernel mode without any R3 programs. ☆142 Updated 2 months ago
- A basic demonstration of directly overwriting paging structures for physical memory r/w and interprocess memory copy ☆80 Updated last year
- scans through physical memory and paging tables in kernel mode ☆106 Updated 4 years ago
- manually map driver for a signed driver memory space ☆138 Updated 3 years ago