crtdll / bedaisy-reversal
Some pseudo snippets from BattlEye's BEDaisy.sys loaded on Rainbow Six: Siege.
☆116, updated 2 years ago
Related projects:
- Shows an example of how to implement VT-d/AMD-Vi on Windows (☆74, updated 11 months ago)
- Kernel Lazy Importer (☆107, updated 5 months ago)
- This project will give you an example of how you can hook a kernel vtable function that cannot be directly called (☆78, updated 2 years ago)
- Standard Kernel Library for Windows hacking in C++ (☆57, updated last month)
- Bypassing EasyAntiCheat.sys self-integrity by abusing call hierarchy (☆77, updated last year)
- Detect-KeAttachProcess by iterating through all processes as well as checking the context of the thread. (☆108, updated 2 years ago)
- Kernel driver that uses shared memory to communicate with user mode (☆81, updated 5 years ago)
- A PoC for requesting HWIDs directly from hardware, skipping any potential hooks or OS support. (☆77, updated 3 years ago)
- A basic demonstration of directly overwriting paging structures for physical memory r/w and interprocess memory copy (☆75, updated last year)
- A simple IDA Python script to find .data ptr (☆44, updated last year)
- A minimalistic Windows hypervisor for AMD processors (☆96, updated 2 years ago)
- Base for testing (☆146, updated this week)
- Discarded Section Manual Map (☆65, updated 4 years ago)
- Handling C++ & __try exceptions without the need of built-in handlers. (☆63, updated 3 years ago)
- KDM is a driver that dumps every driver that was manually mapped with kdmapper. (☆48, updated 2 years ago)
- Use SEH in a manually mapped DLL or manually mapped SYS in Windows x64 mode (☆63, updated last year)
- x64 manual mapper using inline syscalls (☆6, updated 3 years ago)
- An x64 page table iterator written in C++ as a kernel-mode Windows driver. (☆98, updated 3 years ago)
- Kernel driver for detecting Intel VT-x hypervisors. (☆167, updated last year)
- Virtual and physical memory hacking library using a Gigabyte vulnerable driver (☆69, updated last year)
- NMI stackwalking + module verification (☆78, updated 8 months ago)
- A Windows kernel PDB parsing and downloading library that runs purely in kernel mode without any R3 programs. (☆108, updated last week)