crvvdev / vac-bypass-kernel
Fully working kernel-mode VAC bypass
☆35Updated 2 weeks ago
Related projects ⓘ
Alternatives and complementary repositories for vac-bypass-kernel
- Finding Truth in the Shadows☆84Updated last year
- silence file system monitoring components by hooking their minifilters☆51Updated 9 months ago
- Demonstrate calling a kernel function and handle process creation callback against HVCI☆48Updated last year
- Demystifying PatchGuard is a comprehensive analysis of Microsoft's security feature called PatchGuard, which is designed to prevent unaut…☆106Updated last year
- Makes IDA (most versions) to crash upon opening it.☆63Updated 2 months ago
- Windows kernel driver template for cmkr and llvm-msvc.☆33Updated 10 months ago
- Report and exploit of CVE-2024-21305.☆30Updated 9 months ago
- A kernel exploit leveraging NtUserHardErrorControl to elevate a thread to KernelMode and achieve arbitrary kernel R/W & more.☆28Updated 2 years ago
- A VMWare logger using built-in backdoor.☆25Updated 3 weeks ago
- ☆16Updated last year
- ☆57Updated 2 years ago
- An x64dbg plugin which helps make sense of long C++ symbols☆59Updated last year
- A journal for $6,000 Riot Vanguard bounty.☆57Updated last year
- ☆65Updated last year
- ☆12Updated 2 years ago
- Detours implementation (x64/x86) which used only ntdll import☆88Updated 5 months ago
- A simple direct syscall wrapper written in C++ with compatibility for x86 and x64 programs.☆41Updated last year
- Hook all callbacks which are registered with LdrRegisterDllNotification☆81Updated last year
- WinApi Patcher is a straightforward tool leveraging windows API hooking to patch and modify certain behaviors in a targeted environment.☆40Updated last month
- DSE & PG bypass via BYOVD attack☆37Updated 7 months ago
- PoC exploit for HP Hardware Diagnostic's EtdSupp driver☆50Updated last year
- ZeroImport is a lightweight and easy to use C++ library for Windows Kernel Drivers. It allows you to hide any import in your kernel drive…☆45Updated last year
- arbitrary kernel read/write in dbutil_2_3.sys, Proof of Concept Local Privilege Escalation to nt authority/system☆53Updated 2 years ago
- Compileable POC of namazso's x64 return address spoofer.☆47Updated 4 years ago
- Sample/PoC Windows kernel driver for detect DMA devices by using Vendor ID and Device ID signatures☆30Updated last month
- Rust implementation of lazy_importer☆44Updated last year
- Me fockin' pe protector☆45Updated last year
- Example of building an application verifer DLL☆45Updated 5 months ago
- Load dll with undocumented functions and debug symbols☆46Updated 3 months ago