danielkrupinski / KernelProcessList
Example Windows Kernel-mode Driver which enumerates running processes.
☆55Updated 2 years ago
Alternatives and similar repositories for KernelProcessList:
Users that are interested in KernelProcessList are comparing it to the libraries listed below
- Handling C++ & __try exceptions without the need of built-in handlers.☆70Updated 3 years ago
- Kernel Lazy Importer☆112Updated last year
- reverse engineering of bedaisy.sys (battleyes kernel driver) - Aki2k/BEDaisy☆82Updated 4 years ago
- x64 syscall caller in C++.☆89Updated 6 years ago
- ☆53Updated 2 years ago
- ☆68Updated 2 years ago
- Custom KiSystemStartup, can be used to modificate kernel before boot.☆52Updated 3 years ago
- A basic demonstration of directly overwriting paging structures for physical memory r/w and interprocess memory copy☆85Updated last year
- Discarded Section Manual Map☆67Updated 4 years ago
- ☆79Updated 3 years ago
- The sequel to Voyager☆46Updated 8 months ago
- Virtual and physical memory hacking library using gigabyte vulnerable driver☆71Updated 2 years ago
- Kernel driver that uses Shared memory to communicate with UserMode☆85Updated 5 years ago
- An x64 page table iterator written in C++ as a kernel mode windows driver.☆108Updated 3 years ago
- Detect-KeAttachProcess by iterating through all processes as well as checking the context of the thread.☆111Updated 3 years ago
- page table manipulation to gain physical r/w☆40Updated 11 months ago
- Detect removed thread from PspCidTable.☆71Updated 3 years ago
- A basic 100 loc CPU emulator using the existing code of ntoskrnl.exe☆69Updated last year
- Disks for DMA☆104Updated 3 years ago
- PsSetCreateProcessNotifyRoutine bypass proof-of-concept for manual mapped drivers☆31Updated 3 years ago
- PAGE_GUARD based hooking library☆43Updated 2 years ago
- Windows PDB parser for kernel-mode environment.☆95Updated 2 years ago
- ☆40Updated 3 years ago
- Obfuscate calls to imports by patching in stubs☆67Updated 3 years ago
- Hiding a system thread against conventional means of detection☆40Updated 4 years ago
- ☆45Updated 4 years ago
- based on https://github.com/secrary/Hooking-via-InstrumentationCallback☆71Updated 5 years ago
- Communication via callback☆73Updated 5 years ago
- Some usefull info when reverse engineering Kernel Mode Anti-Cheat☆71Updated 2 years ago
- Intercepting DeviceControl via WPP☆133Updated 5 years ago