crvvdev / intraceptor
Intraceptor intercept Windows NT API calls and redirect them to a kernel driver to bypass process/threads handle protections.
☆27Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for intraceptor
- A poc that abuses Enclave☆36Updated 2 years ago
- detect hypervisor with Nmi Callback☆34Updated 2 years ago
- Two PoC of accessing process virtual memory via NT Kernel☆24Updated 3 years ago
- Mapping your code on a 0x1000 size page☆69Updated 2 years ago
- Old way for blocking NMI interrupts☆25Updated 2 years ago
- ☆13Updated 3 years ago
- ☆18Updated 2 years ago
- A Simple Example☆20Updated 5 years ago
- comparing data of module exports from disk and memory, then caching any differences.☆22Updated 2 years ago
- clearing traces of a loaded driver☆44Updated 2 years ago
- IDA scripts for hypervisor (Hyper-v) analysis and reverse engineering automation☆25Updated 2 years ago
- ☆19Updated 3 years ago
- Analysing and defeating PatchGuard universally☆34Updated 4 years ago
- ☆30Updated last year
- fecurity executor from factory☆33Updated 2 years ago
- just proof of concept. hooking MmCopyMemory PG safe.☆63Updated last year
- ☆14Updated 3 years ago
- ☆44Updated 2 years ago
- POC Hook of nt!HvcallCodeVa☆50Updated last year
- Disk based DMA for ATA and SCSI☆14Updated last year
- search for a driver/dll module that has a wanted section bigger than the size of your image☆20Updated 3 years ago
- Stealthy Injector that leverages a vulnerable driver and other exploits to remain undetected☆37Updated 5 years ago
- UM-KM Communication using registry callbacks☆39Updated 4 years ago
- Helps to find patched modules☆26Updated 4 years ago
- ☆33Updated 4 years ago
- Small class to parse debug info from PEs, download their respective PDBs from the Microsoft Public Symbol Server and calculate RVAs of fu…☆41Updated last year
- Logging library for kernel drivers written for the Windows NT operating system.☆18Updated 5 months ago
- mouseclassservicecallback detection via hook☆48Updated 2 years ago
- Example of hijacking system calls via function pointer tables☆32Updated 3 years ago