allogic / KDBG
The Windows kernel debugger consists of two parts: KMOD, the kernel driver that handles ring-3 requests, and KCLI, the command-line interface for the driver. It originated from insufficient usability of CheatEngine's DBVM driver when debugging games running under certain anti-cheat software.
☆90 Updated 2 years ago
Related projects
Alternatives and complementary repositories for KDBG
- This project will give you an example of how you can hook a kernel vtable function that cannot be directly called ☆80 Updated 2 years ago
- base for testing ☆151 Updated last month
- driver manual mapper powered by https://github.com/estimated1337/lenovo_exec ☆103 Updated last year
- ☆78 Updated 3 years ago
- An x64 page table iterator written in C++ as a kernel-mode Windows driver. ☆102 Updated 3 years ago
- ☆82 Updated 11 months ago
- Kernel driver that uses shared memory to communicate with user mode ☆83 Updated 5 years ago
- ☆159 Updated 2 years ago
- Use SEH in a manually mapped DLL or manually mapped SYS in Windows x64 mode ☆67 Updated 2 years ago
- A basic demonstration of directly overwriting paging structures for physical memory r/w and interprocess memory copy ☆77 Updated last year
- Standard Kernel Library for Windows hacking in C++ ☆82 Updated 2 months ago
- ☆132 Updated 9 months ago
- Scans all modules in the target process for jmp/int3 hooks, disassembles them and follows jmps to their destination. ☆71 Updated last year
- Kernel-based memory hacking framework communicating with a kernel driver via sockets. ☆88 Updated 3 years ago
- x64 Windows kernel driver mapper, inject unsigned driver using anycall ☆111 Updated 8 months ago
- Archive R/W into any protected process by changing the value of KTHREAD->PreviousMode ☆146 Updated 2 years ago
- Some pseudo snippets from BattlEye's BEDaisy.sys loaded on Rainbow Six: Siege. ☆122 Updated 2 years ago
- Shows an example of how to implement VT-d/AMD-Vi on Windows ☆79 Updated last year
- Kernel-mode extended version of https://github.com/microsoft/Detours ☆141 Updated 2 years ago
- manually map driver for a signed driver memory space ☆137 Updated 3 years ago
- ☆86 Updated 2 years ago
- ☆45 Updated 2 years ago
- A Windows kernel PDB parsing and downloading library that runs purely in kernel mode without any R3 programs. ☆141 Updated last month
- Static user/kernel mode library that allows access to all functions and global variables by extracting offsets from the PDB ☆73 Updated last year
- x64 manual mapper using inline syscalls ☆5 Updated 3 years ago
- A proof of concept demonstrating communication via mapped shared memory structures between a user-mode process and a kernel-mode payload … ☆74 Updated 3 years ago