c++ implementation of windows heavens gate
☆71Feb 12, 2021Updated 5 years ago
Alternatives and similar repositories for RtlWow64
Users that are interested in RtlWow64 are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Self-Loading Registration Free COM Functions☆11Nov 12, 2019Updated 6 years ago
- Simple Demo of using Windows Hypervisor Platform☆29Jul 14, 2025Updated 8 months ago
- Monitor ETW events for Windows process mitigation policies, with stack traces☆31Oct 7, 2022Updated 3 years ago
- Interprocess communication library, providing the ability to call functions from each other☆20Oct 3, 2019Updated 6 years ago
- A driver that supports communication between a Windows guest and HyperWin☆15Jan 6, 2021Updated 5 years ago
- Call 32bit NtDLL API directly from WoW64 Layer☆62Nov 18, 2020Updated 5 years ago
- Rootkit & Anti-rootkit☆41Jan 27, 2024Updated 2 years ago
- A kernel mode Windows rootkit in development.☆49Dec 31, 2021Updated 4 years ago
- Bypasses for Windows kernel callbacks PatchGuard protection☆44Aug 15, 2021Updated 4 years ago
- https://key08.com/index.php/2021/10/19/1375.html☆71May 11, 2022Updated 3 years ago
- A simple example how to decrypt kernel debugger data block☆32Feb 8, 2021Updated 5 years ago
- All Nt Syscall and W32k Syscall in one asm, include, and call it!☆58Nov 4, 2021Updated 4 years ago
- A driver that hooks C: volume using symbolic link callback to track all FS access to the volume☆109Apr 24, 2020Updated 5 years ago
- sc4cpp is a shellcode framework based on C++☆94Aug 29, 2021Updated 4 years ago
- ☆39Oct 29, 2020Updated 5 years ago
- Open Anti Cheat☆27Jul 16, 2022Updated 3 years ago
- Some source code to demonstrate avoiding certain direct syscall detections by locating and JMPing to a legitimate syscall instruction wit…☆218Feb 20, 2023Updated 3 years ago
- Simple project that demonstrates how an ETW consumer can be created just by using NTDLL☆146Feb 23, 2019Updated 7 years ago
- HTTP/HTTPS/DNS inspector (windows driver)☆27Feb 20, 2019Updated 7 years ago
- Windows system spy for Mouse, Keyboard and Gamepad(Joystick).☆15Jul 6, 2022Updated 3 years ago
- ☆16Mar 1, 2019Updated 7 years ago
- windows kernelmode driver to inject dll into each and every process and perform systemwide function hooking☆53Aug 28, 2022Updated 3 years ago
- VT-based PCI device monitor (SPI)☆158Oct 29, 2020Updated 5 years ago
- Another method to anti ThreadHideFromDebugger☆38Mar 5, 2019Updated 7 years ago
- codes for my blog post: https://secrary.com/Random/InstrumentationCallback/☆182Nov 30, 2017Updated 8 years ago
- Library for using direct system calls☆35Jan 30, 2025Updated last year
- This is the first software system, which can detect a stealthy hypervisor and calculate several nested ones even under countermeasures.☆87Jun 16, 2015Updated 10 years ago
- A simple x86_64 AMD-v hypervisor type-2 Programmed with C++, with soon to be added syscall hooks. [W.I.P]☆104Aug 3, 2023Updated 2 years ago
- PoC: Exploit 32-bit Thread Snapshot of WOW64 to Take Over $RIP & Inject & Bypass Antivirus HIPS (HITB 2021)☆167May 27, 2021Updated 4 years ago
- Detect-KeAttachProcess by iterating through all processes as well as checking the context of the thread.☆121Feb 8, 2022Updated 4 years ago
- Recreation of Lode Runner The Legend Returns☆14Feb 13, 2020Updated 6 years ago
- An example of how x64 kernel shellcode can dynamically find and use APIs☆105May 14, 2020Updated 5 years ago
- Some garbage drivers written for getting started☆65Dec 31, 2019Updated 6 years ago
- x64HOOK库☆18Jan 14, 2020Updated 6 years ago
- 过去写的一些Windows安全研究相关代码☆135Feb 2, 2019Updated 7 years ago
- win10 pgContext dynamic dump (btc version)☆110Jan 15, 2020Updated 6 years ago
- Windows ndiscap.sys adapter for WinPcap applications☆28Jun 26, 2016Updated 9 years ago
- A modern c++ implementation of windows heavens gate☆246Sep 19, 2020Updated 5 years ago
- A PoC designed to bypass all usermode hooks in a WoW64 environment.☆149Sep 16, 2020Updated 5 years ago