Elevate arbitrary MSR writes to kernel execution.
☆47Sep 3, 2023Updated 2 years ago
Alternatives and similar repositories for msrexec
Users that are interested in msrexec are comparing it to the libraries listed below
Sorting:
- Library to manipulate drivers that expose a physical memory read/write primitive.☆43Sep 4, 2023Updated 2 years ago
- A demonstration of hooking into the VMProtect-2 virtual machine☆24Nov 9, 2023Updated 2 years ago
- Small OBJ/Archive Obfuscation framework☆14Nov 9, 2023Updated 2 years ago
- x86-64 Automated test data generator☆26Aug 18, 2025Updated 7 months ago
- Standard Kernel Library for Windows manipulation in C++☆203Jun 18, 2025Updated 9 months ago
- Example of an ELF parser to learn about the ELF format☆11Oct 6, 2024Updated last year
- Using Windows' own bootloader as a shim to bypass Secure Boot☆229Jul 17, 2024Updated last year
- Walks the CFG bitmap to find previously executable but currently hidden shellcode regions☆133May 17, 2023Updated 2 years ago
- Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999☆241Nov 6, 2019Updated 6 years ago
- Research of modifying exported function names at runtime (C/C++, Windows)☆18May 28, 2024Updated last year
- ☆29Nov 22, 2023Updated 2 years ago
- PoC kernel to usermode injection☆106Feb 26, 2024Updated 2 years ago
- Code Integrity Violation Spotter☆17Jun 11, 2024Updated last year
- ☆45Feb 2, 2025Updated last year
- Kernel Level NMI Callback Blocker☆167Sep 27, 2025Updated 5 months ago
- POC Windows kernel driver that spoofs threads for NMI callbacks on x86-64.☆24Mar 30, 2025Updated 11 months ago
- ☆13Aug 24, 2022Updated 3 years ago
- DllInject (Memory Load)☆11Jan 5, 2019Updated 7 years ago
- Using the peculiar behaviour of the VPGATHER instructions to determine if an address will fault before it is truly accessed. All done in …�☆55Dec 30, 2025Updated 2 months ago
- ☆67May 25, 2023Updated 2 years ago
- List the ETW provider(s) in the registration table of a process.☆80Sep 20, 2023Updated 2 years ago
- Emulate Drivers in RING3 with self context mapping or unicorn☆21Jan 1, 2025Updated last year
- Just check hypervisor in ring0☆16Jun 7, 2023Updated 2 years ago
- ☆23Sep 17, 2019Updated 6 years ago
- .lib file for linking against the NT CRT☆19Mar 18, 2022Updated 4 years ago
- Using CVE-2021-40449 to manual map kernel mode driver☆104Mar 5, 2022Updated 4 years ago
- kernel-mode TDI client which can send and receive HTTP requests☆56Jun 9, 2018Updated 7 years ago
- Unknowncheats Magically Optimized Tidy Mapper using nvaudio☆153Jun 11, 2024Updated last year
- All LLVM binaries scrambled with SigBreaker and used to test against llvm-lit☆25May 7, 2025Updated 10 months ago
- BOF and C++ implementation of the Windows Defender sandboxing technique described by Elastic Security Labs/Gabriel Landau.☆24Jul 5, 2023Updated 2 years ago
- LLVM fork with explicit compatibility with MSVC 2022 features.☆386Updated this week
- ☆29Dec 20, 2025Updated 2 months ago
- iSwordSDK (Provide Powerful Kernel API For Ring3 Applications)☆15Mar 25, 2022Updated 3 years ago
- Proof-of-concept game using VBS enclaves to protect itself from cheating☆51Nov 10, 2024Updated last year
- Sample/PoC Windows kernel driver for detect DMA devices by using Vendor ID and Device ID signatures☆38Sep 22, 2024Updated last year
- Demo to show how write ALPC Client & Server using native Ntdll.dll syscalls.☆21Jan 25, 2022Updated 4 years ago
- Collection of hypervisor detections☆300Sep 25, 2024Updated last year
- Plugin for x64dbg to disable parallel loading of dependencies☆19Sep 3, 2022Updated 3 years ago
- ☆16Apr 10, 2025Updated 11 months ago