btbd / wpp
Intercepting DeviceControl via WPP
☆133Updated 5 years ago
Alternatives and similar repositories for wpp:
Users that are interested in wpp are comparing it to the libraries listed below
- An x64 page table iterator written in C++ as a kernel mode windows driver.☆108Updated 3 years ago
- Disks for DMA☆104Updated 3 years ago
- ☆141Updated 4 years ago
- Kernel driver that uses Shared memory to communicate with UserMode☆85Updated 5 years ago
- Enable SEH support for manual mapped x86-32bit PEs☆66Updated 6 years ago
- Communication via callback☆73Updated 5 years ago
- Discarded Section Manual Map☆67Updated 4 years ago
- ☆152Updated 5 years ago
- Kernel Lazy Importer☆111Updated last year
- A basic 100 loc CPU emulator using the existing code of ntoskrnl.exe☆69Updated last year
- manually map driver for a signed driver memory space☆153Updated 4 years ago
- Detect-KeAttachProcess by iterating through all processes as well as checking the context of the thread.☆112Updated 3 years ago
- A PoC for requesting HWIDs directly from hardware, skipping any potential hooks or OS support.☆79Updated 4 years ago
- reverse engineering of bedaisy.sys (battleyes kernel driver) - Aki2k/BEDaisy☆82Updated 4 years ago
- Just my first IOCTL try☆73Updated 4 years ago
- based on https://github.com/secrary/Hooking-via-InstrumentationCallback☆69Updated 5 years ago
- Handling C++ & __try exceptions without the need of built-in handlers.☆70Updated 3 years ago
- Disable Driver Callbacks☆102Updated 7 years ago
- Kernel driver for detecting Intel VT-x hypervisors.☆179Updated last year
- Prototype of hijacking Windows driver dispatch routines in unmapped discardable sections☆54Updated 6 years ago
- Capcom wrapper with safety in mind.☆79Updated 6 years ago
- Some psuedo snippets from BattlEye's BEDaisy.sys loaded on Rainbow Six: Siege.☆123Updated 2 years ago
- A library to read physical memory and system-wide virtual memory.☆125Updated 6 years ago
- just proof of concept. hooking MmCopyMemory PG safe.☆67Updated last year
- Hooking SSDT with Avast Internet Security Hypervisor☆116Updated 6 years ago
- C++ library for parsing and manipulating PE files statically and dynamically.☆86Updated last year
- Scans all modules in target process for jmp/int3 hooks dissassembles then and follows jmps to destination.☆75Updated last year
- Hygieia, a vulnerable driver traces scanner written in C++ as an x64 Windows kernel driver.☆143Updated 3 years ago
- ☆71Updated 5 years ago
- Simple mmapper which using UEFI runtime driver.☆80Updated 5 years ago