Modifies the Blue Screen of Death for 1909/20h1/20h2/21h1.
☆169Aug 12, 2022Updated 3 years ago
Alternatives and similar repositories for AngryWindows
Users that are interested in AngryWindows are comparing it to the libraries listed below
Sorting:
- ☆23Apr 7, 2015Updated 10 years ago
- 64 bit monolithic nt-style kernel☆98Apr 14, 2021Updated 4 years ago
- Corsair LL Access driver abuse☆24Apr 16, 2021Updated 4 years ago
- Modify your BSOD!☆39May 24, 2022Updated 3 years ago
- Easy Anti PatchGuard☆223Apr 9, 2021Updated 4 years ago
- A library to develop kernel level Windows payloads for post HVCI era☆486May 18, 2021Updated 4 years ago
- A UEFI extraction tool☆24Nov 3, 2024Updated last year
- ☆16May 15, 2021Updated 4 years ago
- Hex-Rays microcode plugin for automated simplification of Windows Kernel decompilation.☆657Jan 28, 2025Updated last year
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard☆268Aug 31, 2022Updated 3 years ago
- vulnerability in zam64.sys, zam32.sys allowing ring 0 code execution. CVE-2021-31727 and CVE-2021-31728 public reference.☆91May 10, 2021Updated 4 years ago
- Analyzing the driver and internal module of EasyAntiCheat.☆40May 1, 2023Updated 2 years ago
- PointerGuard is a proof-of-concept tool used to create 'guarded' pointers which disguise pointer addresses, monitor reads/writes, and pre…☆57May 23, 2022Updated 3 years ago
- Example for PagedOut!☆26Oct 22, 2019Updated 6 years ago
- A kernel level driver for Windows built to configure the Blue Screen Of Death☆21Jul 30, 2021Updated 4 years ago
- LoadLibrary for offensive operations☆33Dec 14, 2021Updated 4 years ago
- Code Injection, Inject malicious payload via pagetables pml4.☆243Jul 7, 2021Updated 4 years ago
- This is the P.O.C source for hooking the system calls on Windows 10 (1903) using it's dynamic trace feature weakness☆53Sep 12, 2019Updated 6 years ago
- Disable PPL via custom driver and dump lsass☆15Mar 13, 2021Updated 4 years ago
- Collection of obfuscation, tamper-proofing, and watermarking algorithms targeting LLVM IR.☆76Nov 12, 2019Updated 6 years ago
- Simple Demo of using Windows Hypervisor Platform☆29Jul 14, 2025Updated 7 months ago
- ☆25May 21, 2021Updated 4 years ago
- Read Memory without ReadProcessMemory for Current Process☆92Feb 13, 2022Updated 4 years ago
- x64 PE-COFF virtualization driven obfuscation engine☆58Oct 14, 2022Updated 3 years ago
- Bootkit for Windows Sandbox to disable DSE/PatchGuard.☆318Oct 13, 2024Updated last year
- A simple x86_64 AMD-v hypervisor type-2 Programmed with C++, with soon to be added syscall hooks. [W.I.P]☆104Aug 3, 2023Updated 2 years ago
- Phantom DLL hollowing PoC☆371May 23, 2022Updated 3 years ago
- ☆13Jul 15, 2021Updated 4 years ago
- A thin introspection hypervisor framework that allows for low level resource manipulation.☆12Jan 27, 2024Updated 2 years ago
- A kernel mode Windows rootkit in development.☆49Dec 31, 2021Updated 4 years ago
- Walks the Process' VAD list to grab the PTE's corresponding to a usermode virtual address, all to get the physical address☆23Nov 22, 2021Updated 4 years ago
- PoC capable of detecting manual syscalls from usermode.☆206Nov 13, 2025Updated 3 months ago
- Virtualization detection through speculative execution PoCs and papers☆69May 22, 2018Updated 7 years ago
- Dangling COM Keys Finder☆17Nov 16, 2021Updated 4 years ago
- Dynamic Taint Analysis versus Obfuscated Self-Checking☆16Sep 5, 2021Updated 4 years ago
- Small handy tool for crafting shellcodes by hand.☆18Apr 20, 2022Updated 3 years ago
- PoC for CVE-2021-32537: an out-of-bounds memory access that leads to pool corruption in the Windows kernel.☆57Jun 26, 2021Updated 4 years ago
- It stinks☆105Apr 22, 2022Updated 3 years ago
- Doom running in the NT kernel☆177May 27, 2023Updated 2 years ago