brew02 / BudgetEPT
Create stealthy, inline, EPT-like hooks using SMAP and SMEP
☆32Updated 3 weeks ago
Related projects ⓘ
Alternatives and complementary repositories for BudgetEPT
- POC Hook of nt!HvcallCodeVa☆49Updated last year
- ☆24Updated last month
- Kernel ReClassEx☆62Updated 11 months ago
- Kernel Level NMI Callback Blocker☆32Updated 2 months ago
- A method to Disable DSE using .data ptr hooks☆24Updated 9 months ago
- ☆70Updated 2 years ago
- A simple ida python script to find .data ptr☆47Updated last year
- A basic 100 loc CPU emulator using the existing code of ntoskrnl.exe☆69Updated last year
- A library to assist with memory & code protection.☆53Updated 8 months ago
- Windows PDB parser for kernel-mode environment.☆87Updated last year
- nmi stackwalking + module verification☆87Updated 10 months ago
- x64 Windows implementation of virtual-address to physical-address translation☆41Updated 3 years ago
- ntoskrnl .data hooks for UM-KM communication☆34Updated 5 months ago
- 将驱动映射到会话空间☆32Updated 2 years ago
- DSE & PG bypass via BYOVD attack☆37Updated 7 months ago
- detect hypervisor with Nmi Callback☆34Updated 2 years ago
- intel vt-x type 2 hypervisor☆48Updated 4 months ago
- partially disable patchguard up to win11 21H2☆16Updated 5 months ago
- ☆11Updated 2 years ago
- Binary rewriter for 64-bit PE files.☆43Updated 9 months ago
- A poc that abuses Enclave☆36Updated 2 years ago
- Hiding a system thread against conventional means of detection☆35Updated 4 years ago
- Visual Studio Project example for using Microsoft's STL in WDM (Windows Kernel-mode Driver)☆23Updated 3 years ago
- Discarded Section Manual Map☆66Updated 4 years ago
- ZeroImport is a lightweight and easy to use C++ library for Windows Kernel Drivers. It allows you to hide any import in your kernel drive…☆45Updated last year
- vdk is a set of utilities used to help with exploitation of a vulnerable driver.☆39Updated 2 years ago