armvirus / VanguardTrace
Decrypting and intercepting encrypted imports of Vanguard's Kernel Driver
☆20 Updated 11 months ago
Alternatives and similar repositories for VanguardTrace:
Users that are interested in VanguardTrace are comparing it to the libraries listed below
- ☆43 Updated 6 months ago
- POC Hook of nt!HvcallCodeVa ☆50 Updated last year
- Kernel Level NMI Callback Blocker ☆55 Updated 4 months ago
- ☆27 Updated 3 months ago
- An efi-runner and message logger for vmware. ☆14 Updated 2 months ago
- clearing traces of a loaded driver ☆46 Updated 2 years ago
- Freeze target threads (external - internal) by avoiding SuspendThread detections. Or access registers from start address. ☆31 Updated 9 months ago
- Map a driver into session space ☆34 Updated 2 years ago
- Achieving code execution through abusing vectored exception handling ☆17 Updated last year
- Load driver on boot before anti-cheats ☆28 Updated 11 months ago
- partially disable patchguard up to win11 21H2 ☆18 Updated 7 months ago
- Header only UM AC "bypass" ☆17 Updated 8 months ago
- A simple MmCopyMemory hook. ☆36 Updated 2 years ago
- Old way for blocking NMI interrupts ☆25 Updated 2 years ago
- ☆28 Updated last year
- A method to Disable DSE using .data ptr hooks ☆29 Updated 11 months ago
- Library to manipulate drivers that expose a physical memory read/write primitive. ☆24 Updated last year
- Translate virtual addresses to physical addresses from usermode. ☆34 Updated 7 months ago
- An advanced DKOM for drivers with "DRIVER_OBJECT" ☆16 Updated last year
- ☆31 Updated 2 years ago
- communicate with kernel using an image on disk ☆15 Updated 8 months ago
- Just check hypervisor in ring0 ☆14 Updated last year
- Create stealthy, inline, EPT-like hooks using SMAP and SMEP ☆35 Updated 3 months ago
- Kernel ReClassEx ☆64 Updated last year
- Patches DSE by swapping both data ptrs located in SeValidateImageHeader && SeValidateImageData ☆21 Updated 11 months ago
- Visual Studio template for GNU-EFI ☆14 Updated 2 years ago