bi-zone / rdtsc-checkvirt-pocView external linksLinks
Virtualization detection through speculative execution PoCs and papers
☆69May 22, 2018Updated 7 years ago
Alternatives and similar repositories for rdtsc-checkvirt-poc
Users that are interested in rdtsc-checkvirt-poc are comparing it to the libraries listed below
Sorting:
- An example code of CiGetCertPublisherName☆17Mar 24, 2022Updated 3 years ago
- Illustrates the concept of return address spoofing, and how it is used.☆14May 13, 2020Updated 5 years ago
- Simple header only library to change return address on current stack frame.☆22Sep 4, 2016Updated 9 years ago
- ☆68Dec 17, 2020Updated 5 years ago
- A C++ syscall ID extractor for Windows. Developed, debugged and tested on 20H2.☆21May 25, 2021Updated 4 years ago
- reveal and detect of common hooks under win32☆13Sep 23, 2020Updated 5 years ago
- Analyze PatchGuard☆56Aug 19, 2018Updated 7 years ago
- ☆14Sep 22, 2023Updated 2 years ago
- collection of code snippets,windbg,python scripts and resources☆14Jul 11, 2022Updated 3 years ago
- 🪝 Various EPT hook detection approaches☆143Jul 29, 2025Updated 6 months ago
- Symbolic debugging tool using JonathanSalwan/Triton☆25Oct 24, 2018Updated 7 years ago
- Hooking Heavens Gate in a weekend☆13Jan 1, 2022Updated 4 years ago
- Yet another windows syscall library☆18Jun 22, 2020Updated 5 years ago
- ☆15Mar 13, 2023Updated 2 years ago
- PoC code for crashing windows active directory☆35Sep 19, 2018Updated 7 years ago
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard☆265Aug 31, 2022Updated 3 years ago
- AMD SVM hypervisor rootkit proof of concept☆48Sep 23, 2023Updated 2 years ago
- I Know Where Your Page Lives: Derandomizing the latest Windows 10 Kernel - ZeroNights 2016☆171Dec 7, 2016Updated 9 years ago
- Fileless persistence, attacks and anti-forensic capabilties.☆92Dec 6, 2018Updated 7 years ago
- This is the first software system, which can detect a stealthy hypervisor and calculate several nested ones even under countermeasures.☆87Jun 16, 2015Updated 10 years ago
- reverse engineering extension plugin for windbg☆120Sep 30, 2019Updated 6 years ago
- ☆16Oct 31, 2022Updated 3 years ago
- Implements the POP/MOV SS (CVE-2018-8897) vulnerability by leveraging SYSCALL to perform a local privilege escalation (LPE).☆118Aug 8, 2018Updated 7 years ago
- Kernel driver for detecting Intel VT-x hypervisors.☆192Jul 11, 2023Updated 2 years ago
- ☆146Jan 13, 2021Updated 5 years ago
- Proof of Concept's provided by Source Incite☆36Aug 10, 2017Updated 8 years ago
- A simple x86_64 AMD-v hypervisor type-2 Programmed with C++, with soon to be added syscall hooks. [W.I.P]☆103Aug 3, 2023Updated 2 years ago
- CVE-2018-18368 SEP Manager EoP Exploit☆17Nov 27, 2019Updated 6 years ago
- An example of how x64 kernel shellcode can dynamically find and use APIs☆104May 14, 2020Updated 5 years ago
- Static library and headers for linking your software with ntdll.dll☆38Dec 16, 2019Updated 6 years ago
- Grep-like WinDbg extension☆45Apr 7, 2017Updated 8 years ago
- ZipArchive 2.1.4 dir traversal 0-Day☆17Aug 30, 2018Updated 7 years ago
- Wow64 Heaven's Gate Hook☆29Jul 28, 2021Updated 4 years ago
- PointerGuard is a proof-of-concept tool used to create 'guarded' pointers which disguise pointer addresses, monitor reads/writes, and pre…☆54May 23, 2022Updated 3 years ago
- ☆99Oct 6, 2017Updated 8 years ago
- Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999☆239Nov 6, 2019Updated 6 years ago
- ☆16Mar 4, 2019Updated 6 years ago
- Type 2 Hypervisor for security research supported by AMD-V hardware assisted virtualization☆41Jan 9, 2023Updated 3 years ago
- Shh0ya Kernel Hook Driver☆25Dec 8, 2020Updated 5 years ago