Windows kernel debugger for Linux hosts running Windows under KVM/QEMU
☆128Feb 9, 2026Updated 3 weeks ago
Alternatives and similar repositories for ntoseye
Users that are interested in ntoseye are comparing it to the libraries listed below
Sorting:
- Kernel-mode Paravirtualization in Ring 2, LLVM based linker, and some other things!☆409Apr 19, 2025Updated 10 months ago
- Hooking Windows' exception dispatcher to protect process's PML4☆228Jan 24, 2025Updated last year
- Sample/PoC Windows kernel driver for detect DMA devices by using Vendor ID and Device ID signatures☆38Sep 22, 2024Updated last year
- Minimalistic AMD-V/SVM hypervisor with memory introspection capabilities☆376Feb 26, 2025Updated last year
- ☆17Sep 25, 2024Updated last year
- bootkit驱动映射,三环进程注入加载指定模块☆14Oct 8, 2024Updated last year
- C++ Assembler with Built-in Mutation Engine☆30Sep 6, 2025Updated 5 months ago
- A large collection of 32bit and 64bit PE files useful for verifying the correctness of bin2bin transformations☆72Aug 2, 2024Updated last year
- A basic implementation of Patch Guard that I implemented, that includes integrity checks and other protection mechanisms I added.☆78Mar 29, 2025Updated 11 months ago
- Translate virtual addresses to physical addresses from usermode.☆104Jun 7, 2024Updated last year
- Rewrite and obfuscate code in compiled binaries☆273Dec 13, 2025Updated 2 months ago
- Hijacking Hyper-V at Runtime with DDMA☆90Aug 13, 2025Updated 6 months ago
- ☆15Oct 7, 2020Updated 5 years ago
- Hypervisor-based debugger for AMD processors☆63May 13, 2024Updated last year
- call gates as stable comunication channel for NT x86 and Linux x86_64☆32Aug 11, 2023Updated 2 years ago
- Efficient general mixed boolean-arithmetic (MBA) simplifier☆124Updated this week
- Example of waiting for Event Objects by associating them with a I/O Completion Port (IOCP), effectively lifting MAXIMUM_WAIT_OBJECTS (64)…☆42Oct 14, 2024Updated last year
- ☆14Dec 3, 2022Updated 3 years ago
- Emulate Drivers in RING3 with self context mapping or unicorn☆21Jan 1, 2025Updated last year
- Generate a PDB file given the old PDB file and an address mapping☆52Aug 3, 2025Updated 7 months ago
- Create stealthy, inline, EPT-like hooks using SMAP and SMEP☆61Oct 19, 2024Updated last year
- LLVM based static binary analysis framework☆303Apr 2, 2025Updated 11 months ago
- ☆31Feb 28, 2025Updated last year
- ☆58Feb 19, 2026Updated 2 weeks ago
- Using Windows' own bootloader as a shim to bypass Secure Boot☆226Jul 17, 2024Updated last year
- Native code virtualizer for x64 binaries☆517Dec 20, 2024Updated last year
- Beacon Debugger☆55Oct 28, 2024Updated last year
- Panda - is a set of utilities used to research how PsExec encrypts its traffic.☆12Apr 20, 2021Updated 4 years ago
- Linux Debugger Prototype☆44Feb 12, 2022Updated 4 years ago
- Using the peculiar behaviour of the VPGATHER instructions to determine if an address will fault before it is truly accessed. All done in …☆55Dec 30, 2025Updated 2 months ago
- Collection of hypervisor detections☆297Sep 25, 2024Updated last year
- For Example. See Miro's Blog☆30Nov 26, 2022Updated 3 years ago
- Disks for DMA☆144Apr 28, 2021Updated 4 years ago
- An x86-64 code virtualizer for VM based obfuscation☆177Dec 21, 2024Updated last year
- ☆99Oct 6, 2017Updated 8 years ago
- The research UEFI hypervisor that supports booting an operating system.☆712Aug 15, 2024Updated last year
- Internals information about Hyper-V☆731Dec 20, 2025Updated 2 months ago
- Clr Injection for x64 and x86. Inject C# into Managed or Unmanaged Processes.☆18Sep 7, 2024Updated last year
- The trashvisor☆12Oct 25, 2020Updated 5 years ago