brew02 / BudgetEPT
Create stealthy, inline, EPT-like hooks using SMAP and SMEP
☆33Updated last month
Related projects ⓘ
Alternatives and complementary repositories for BudgetEPT
- POC Hook of nt!HvcallCodeVa☆50Updated last year
- Kernel ReClassEx☆63Updated last year
- Windows PDB parser for kernel-mode environment.☆90Updated last year
- A simple ida python script to find .data ptr☆47Updated last year
- ☆70Updated 2 years ago
- Kernel Level NMI Callback Blocker☆32Updated 2 months ago
- A basic 100 loc CPU emulator using the existing code of ntoskrnl.exe☆69Updated last year
- ☆24Updated last month
- A method to Disable DSE using .data ptr hooks☆26Updated 9 months ago
- A library to assist with memory & code protection.☆53Updated 8 months ago
- partially disable patchguard up to win11 21H2☆16Updated 5 months ago
- A library for intel VT-x hypervisor functionality supporting EPT shadowing.☆48Updated 3 years ago
- nmi stackwalking + module verification☆91Updated 10 months ago
- 将驱动映射到会话空间☆33Updated 2 years ago
- x64 Windows implementation of virtual-address to physical-address translation☆41Updated 3 years ago
- Provides commands to read from and write to arbitrary kernel-mode memory for users with the Administrator privilege. HVCI compatible. No …☆15Updated 5 months ago
- A efi-runner and message logger for vmware.☆13Updated 2 weeks ago
- Discarded Section Manual Map☆66Updated 4 years ago
- intel vt-x type 2 hypervisor☆48Updated 4 months ago
- detect hypervisor with Nmi Callback☆34Updated 2 years ago
- DSE & PG bypass via BYOVD attack☆37Updated 7 months ago
- Using MMIO (Memory-Mapped I/O) to read TPM 2.0 public Endorsement Key.☆39Updated 5 months ago
- ntoskrnl .data hooks for UM-KM communication☆34Updated 5 months ago
- Hiding the window from screenshots using the function win32kfull::ChangeWindowTreeProtection☆10Updated 2 years ago
- vdk is a set of utilities used to help with exploitation of a vulnerable driver.☆39Updated 2 years ago
- Improved VMP Idea(detect anti-anti-debug tools by bug)☆40Updated last year