Hijack NotifyRoutine for a kernelmode thread
☆41Jun 4, 2022Updated 3 years ago
Alternatives and similar repositories for NotifyRoutineHijackThread
Users that are interested in NotifyRoutineHijackThread are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- base for testing☆189Sep 28, 2024Updated last year
- A simple way to spoof return addresses using an exception handler☆45Aug 3, 2022Updated 3 years ago
- Mapping your code on a 0x1000 size page☆71May 20, 2022Updated 3 years ago
- Illustrates the concept of return address spoofing, and how it is used.☆14May 13, 2020Updated 6 years ago
- ☆158May 21, 2024Updated last year
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- ☆41Mar 23, 2023Updated 3 years ago
- This project will give you an example how you can hook a kernel vtable function that cannot be directly called☆83Dec 25, 2021Updated 4 years ago
- An example code of CiGetCertPublisherName☆16Mar 24, 2022Updated 4 years ago
- ☆20May 17, 2022Updated 4 years ago
- Code Integrity Violation Spotter☆17Jun 11, 2024Updated last year
- Old way for blocking NMI interrupts☆29Sep 6, 2022Updated 3 years ago
- Windows API Call Obfuscation☆112Dec 9, 2022Updated 3 years ago
- POC Hook of nt!HvcallCodeVa☆55May 8, 2023Updated 3 years ago
- ☆18Dec 4, 2020Updated 5 years ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- Mono process injector☆22Jan 26, 2019Updated 7 years ago
- ☆16Jun 20, 2022Updated 3 years ago
- mouseclassservicecallback detection via hook☆54Feb 7, 2022Updated 4 years ago
- ☆192Dec 8, 2021Updated 4 years ago
- Load your driver like win32k.sys☆257Aug 20, 2022Updated 3 years ago
- Walks the Process' VAD list to grab the PTE's corresponding to a usermode virtual address, all to get the physical address☆23Nov 22, 2021Updated 4 years ago
- Demo to show how write ALPC Client & Server using native Ntdll.dll syscalls.☆21Jan 25, 2022Updated 4 years ago
- Patches DSE by swapping both data ptrs located in SeValidateImageHeader && SeValidateImageData☆24Feb 9, 2024Updated 2 years ago
- BattlEye kernel module bypass☆182Oct 1, 2022Updated 3 years ago
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- 一个界面基于IMGUI的ARK,目前R3实现☆13Nov 1, 2023Updated 2 years ago
- Some drivers I've written while solving exercises from Practical Reverse Engineering☆15Jan 9, 2022Updated 4 years ago
- State of the art DLL injector that took 20 minutes to make☆229Aug 16, 2023Updated 2 years ago
- Calling "own" MouseClassServiceCallback☆77Jul 28, 2022Updated 3 years ago
- detect hypervisor with Nmi Callback☆41Sep 25, 2022Updated 3 years ago
- ☆17Apr 21, 2022Updated 4 years ago
- ☆119Aug 7, 2022Updated 3 years ago
- Bypassing EasyAntiCheat.sys self-integrity by abusing call hierarchy☆82Oct 6, 2022Updated 3 years ago
- ☆133Aug 6, 2022Updated 3 years ago
- Bare Metal GPUs on DigitalOcean Gradient AI • AdPurpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
- Using CVE-2021-40449 to manual map kernel mode driver☆103Mar 5, 2022Updated 4 years ago
- Read Memory without ReadProcessMemory for Current Process☆92Feb 13, 2022Updated 4 years ago
- ☆146Jan 24, 2024Updated 2 years ago
- Just another .data pointer hook. This time it's hooking AfdIrpCallDispatch within Afd.sys☆12Feb 22, 2022Updated 4 years ago
- A minimalistic way to spoof return addresses without using exceptions☆19Jul 26, 2022Updated 3 years ago
- undetected eac mapper☆169May 3, 2022Updated 4 years ago
- Scans all modules in target process for jmp/int3 hooks dissassembles then and follows jmps to destination.☆82Nov 5, 2023Updated 2 years ago