☆68May 19, 2019Updated 6 years ago
Alternatives and similar repositories for bootkits
Users that are interested in bootkits are comparing it to the libraries listed below
Sorting:
- ☆35Mar 20, 2021Updated 5 years ago
- ☆110May 19, 2019Updated 6 years ago
- ☆14May 19, 2019Updated 6 years ago
- repository with additional materials and source code☆32Jan 18, 2017Updated 9 years ago
- An example code of CiGetCertPublisherName☆16Mar 24, 2022Updated 3 years ago
- Will try to put here slides from now on when I give a talk☆24Oct 11, 2021Updated 4 years ago
- Bootkits Revisited☆39Jun 3, 2014Updated 11 years ago
- Allows you to add breakpoints from IDA (from the graph/text view) to WinDbg easily☆14Oct 10, 2018Updated 7 years ago
- Plugins and signatures☆13Jun 11, 2019Updated 6 years ago
- VM demonstration various symlink and hard link attacks against secure boot. See the whitepaper at: https://www.anvilventures.com/blog/def…☆14Aug 11, 2020Updated 5 years ago
- A windbg extension for ASLR/DEP/SafeSEH check☆28May 19, 2018Updated 7 years ago
- Detects if a Kernel mode debugger is active by reading the value of KUSER_SHARED_DATA.KdDebuggerEnabled. It is a high level and portable …☆23Sep 18, 2017Updated 8 years ago
- Using the peculiar behaviour of the VPGATHER instructions to determine if an address will fault before it is truly accessed. All done in …☆55Dec 30, 2025Updated 2 months ago
- Procmonel is Procmon like monitoring system implemented using Microsoft WDK☆13Dec 25, 2019Updated 6 years ago
- VT-based PCI device monitor (SPI)☆158Oct 29, 2020Updated 5 years ago
- Binary Ninja plugin that syncs WinDbg to Binary Ninja☆47Apr 13, 2018Updated 7 years ago
- Windows XP 32-Bit Bootkit☆146Dec 29, 2014Updated 11 years ago
- POC for CVE-2023-29360☆12Aug 31, 2024Updated last year
- A simple memory dumper☆13Feb 11, 2020Updated 6 years ago
- A tool to help when dealing with Windows IOCTL codes or reversing Windows drivers.☆437Aug 22, 2018Updated 7 years ago
- Windows Inline function hooking library targeted at MSVC☆27Aug 12, 2016Updated 9 years ago
- Repository of different kernel drivers written while studying Windows NT Driver development☆12Apr 14, 2024Updated last year
- Technical Notes☆16Dec 1, 2017Updated 8 years ago
- Full reversing of the Microsoft Auxiliary Windows API Library and ported to C☆24Dec 17, 2024Updated last year
- Skeleton project for your own GRUB-based bootkit☆17Jan 11, 2020Updated 6 years ago
- bootkit驱动映射,三环进程注入加载指定模块☆14Oct 8, 2024Updated last year
- Lua Extension for Windbg☆21Oct 22, 2018Updated 7 years ago
- HelloAmdHvPkg is a type-1 research hypervisor for AMD processors.☆107Jun 28, 2020Updated 5 years ago
- A framework for parsing binary data.☆18Aug 12, 2022Updated 3 years ago
- Binary exploitation CTF challenge☆24Nov 27, 2018Updated 7 years ago
- pdb's function and global vars to offset☆10Apr 11, 2023Updated 2 years ago
- anti-ransomware file-system filter☆69Sep 3, 2024Updated last year
- A set of tools based on radare2 for analysis of ROP gadgets and payloads.☆15Apr 20, 2016Updated 9 years ago
- MemoryRanger protects kernel data and code by running drivers and hosting data in isolated kernel enclaves using VT-x and EPT features. M…☆232Jul 26, 2020Updated 5 years ago
- DirectNtApi - simple method to make ntapi function call without importing or walking export table. Work under Windows 7, 8 and 10☆53Mar 12, 2024Updated 2 years ago
- HTTP/HTTPS/DNS inspector (windows driver)☆27Feb 20, 2019Updated 7 years ago
- Dynamic Identification and Recognition Technology☆10Nov 1, 2016Updated 9 years ago
- Cross Platform Kernel Fuzzer Framework☆457Oct 11, 2018Updated 7 years ago
- Script and metasploit module for CVE-2018-15982☆11Aug 12, 2020Updated 5 years ago