Virtualization detection through speculative execution PoCs and papers
☆69May 22, 2018Updated 7 years ago
Alternatives and similar repositories for rdtsc-checkvirt-poc
Users that are interested in rdtsc-checkvirt-poc are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- An example code of CiGetCertPublisherName☆16Mar 24, 2022Updated 4 years ago
- Analyze PatchGuard☆56Aug 19, 2018Updated 7 years ago
- ☆69Dec 17, 2020Updated 5 years ago
- Fileless persistence, attacks and anti-forensic capabilties.☆92Dec 6, 2018Updated 7 years ago
- Simple header only library to change return address on current stack frame.☆22Sep 4, 2016Updated 9 years ago
- Wordpress hosting with auto-scaling on Cloudways • AdFully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
- ☆14Sep 22, 2023Updated 2 years ago
- AMD SVM hypervisor rootkit proof of concept☆49Sep 23, 2023Updated 2 years ago
- A simple x86_64 AMD-v hypervisor type-2 Programmed with C++, with soon to be added syscall hooks. [W.I.P]☆104Aug 3, 2023Updated 2 years ago
- Illustrates the concept of return address spoofing, and how it is used.☆14May 13, 2020Updated 5 years ago
- reveal and detect of common hooks under win32☆13Sep 23, 2020Updated 5 years ago
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard☆270Aug 31, 2022Updated 3 years ago
- x64 PE-COFF virtualization driven obfuscation engine☆58Oct 14, 2022Updated 3 years ago
- Symbolic debugging tool using JonathanSalwan/Triton☆25Oct 24, 2018Updated 7 years ago
- 🪝 Various EPT hook detection approaches☆144Feb 22, 2026Updated last month
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
- vulnerability in zam64.sys, zam32.sys allowing ring 0 code execution. CVE-2021-31727 and CVE-2021-31728 public reference.☆91May 10, 2021Updated 4 years ago
- Yet another windows syscall library☆18Jun 22, 2020Updated 5 years ago
- 64-bit x86 CPU emulation and sandboxing.☆20Mar 31, 2016Updated 9 years ago
- I Know Where Your Page Lives: Derandomizing the latest Windows 10 Kernel - ZeroNights 2016☆172Dec 7, 2016Updated 9 years ago
- A C++ syscall ID extractor for Windows. Developed, debugged and tested on 20H2.☆21May 25, 2021Updated 4 years ago
- ☆24Nov 17, 2017Updated 8 years ago
- Obfuscator based on logic-bombs☆68May 9, 2020Updated 5 years ago
- Take back control of Windows Code Integrity, no exploits or patching required! Requires that you control your own Platform Key (PK).☆52Aug 22, 2022Updated 3 years ago
- Kernel driver for detecting Intel VT-x hypervisors.☆202Jul 11, 2023Updated 2 years ago
- Wordpress hosting with auto-scaling on Cloudways • AdFully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
- This is the first software system, which can detect a stealthy hypervisor and calculate several nested ones even under countermeasures.☆89Jun 16, 2015Updated 10 years ago
- 🧶 The Win32 usermode threading library with UMS/fibers/threads support☆30Jul 1, 2019Updated 6 years ago
- Software Distribution Service☆12Jul 2, 2015Updated 10 years ago
- Research on obfuscated licensing APIs / CLIP service in the Windows kernel☆140Aug 23, 2022Updated 3 years ago
- This is the P.O.C source for hooking the system calls on Windows 10 (1903) using it's dynamic trace feature weakness☆58Sep 12, 2019Updated 6 years ago
- Extended library for using direct system calls on windows☆17Feb 6, 2022Updated 4 years ago
- ☆17Oct 31, 2022Updated 3 years ago
- A library to develop kernel level Windows payloads for post HVCI era☆491May 18, 2021Updated 4 years ago
- Static library and headers for linking your software with ntdll.dll☆37Dec 16, 2019Updated 6 years ago
- Bare Metal GPUs on DigitalOcean Gradient AI • AdPurpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
- just an lite AntiRootkit for interesting☆24Dec 9, 2015Updated 10 years ago
- A basic PE bootloader☆15Oct 21, 2023Updated 2 years ago
- SoulExtraction is a windows driver library for extracting cert information in windows drivers☆25Feb 12, 2023Updated 3 years ago
- ☆145Jan 13, 2021Updated 5 years ago
- 64 bit monolithic nt-style kernel☆99Apr 14, 2021Updated 4 years ago
- Implements the POP/MOV SS (CVE-2018-8897) vulnerability by leveraging SYSCALL to perform a local privilege escalation (LPE).☆118Aug 8, 2018Updated 7 years ago
- Virtual machine with a custom instruction set in C☆16Jul 17, 2018Updated 7 years ago