benheise / KUCSharedMemoryLinks
Kernel<->Usermode shared memory communcation using manually mapped driver
☆23Updated 3 years ago
Alternatives and similar repositories for KUCSharedMemory
Users that are interested in KUCSharedMemory are comparing it to the libraries listed below
Sorting:
- Experiment with PAGE_GUARD protection to hide memory from other processes☆48Updated last year
- Dumping processes using a kernel-mode driver.☆19Updated 3 years ago
- Virtual and physical memory hacking library using gigabyte vulnerable driver☆72Updated 2 years ago
- A simple tool to assemble shellcode ready to be copy-pasted into code☆69Updated 3 years ago
- This is an EfiGuard BootLoader that can boot EfiGuard from Usermode with no USB or Setup as a Single Executable with automatic File Dumpi…☆59Updated 11 months ago
- POC Hook of nt!HvcallCodeVa☆52Updated 2 years ago
- hidden_syscall - syscaller without using syscall instruction in code☆63Updated 2 years ago
- DSE & PG bypass via BYOVD attack☆59Updated last month
- Kernel Level NMI Callback Blocker☆117Updated last year
- just proof of concept. hooking MmCopyMemory PG safe.☆77Updated last year
- The sequel to Voyager☆70Updated last year
- A basic demonstration of directly overwriting paging structures for physical memory r/w and interprocess memory copy☆98Updated 2 years ago
- Freeze target threads (external - internal ) by avoiding SuspendThread detections. Or access registers from start address.☆34Updated last year
- ntoskrnl .data hooks for UM-KM communication☆51Updated last year
- ☆55Updated 2 years ago
- ☆10Updated 3 years ago
- Hygieia, a vulnerable driver traces scanner written in C++ as an x64 Windows kernel driver.☆145Updated 3 years ago
- A simple MmCopyMemory hook.☆37Updated 3 years ago
- PAGE_GUARD based hooking library☆48Updated 3 years ago
- An advanced DKOM for drivers with "DRIVER_OBJECT"☆19Updated 2 years ago
- A Hyper-V Hacking Framework For Windows 10 x64 (AMD & Intel)☆82Updated last year
- Made by scammer so i leak for free ! have fun☆56Updated 2 years ago
- Allows for same-file KernelMode function execution using Encrypted addresses of Functions☆43Updated 10 months ago
- ☆155Updated last year
- Hiding a system thread against conventional means of detection☆41Updated 4 years ago
- ☆80Updated 3 years ago
- nmi stackwalking + module verification☆131Updated last year
- A method to Disable DSE using .data ptr hooks☆33Updated last year
- 将驱动映射到会话空间☆35Updated 3 years ago
- TS-Changer - Forces the machine in/out of TestSigning Mode at runtime.☆65Updated 2 years ago