eddeeh / drv-clientLinks
A simple process query/manipulation tool using driver hooked system call. (2019)
☆9Updated 3 years ago
Alternatives and similar repositories for drv-client
Users that are interested in drv-client are comparing it to the libraries listed below
Sorting:
- Manually Mapped Windows Kernel Driver + Usermode API for Arbitrary R/W to UM process via a UM thread trapped in kernel, synchronized with…☆16Updated 4 years ago
- Abusing RtlAdjustPrivilege and NtSetInformationProcess to cause a BSOD from usermode☆17Updated 2 years ago
- cross platform library to manipulate and extract information of memory regions☆34Updated 7 years ago
- 🧶 The Win32 usermode threading library with UMS/fibers/threads support☆30Updated 5 years ago
- (shard of furikuri project) assambler for code obfuscation☆18Updated 5 years ago
- Simple IOCTL hooking driver for Kernel- User - Mode communication.☆12Updated 4 years ago
- x64 assembler library☆31Updated 11 months ago
- ☆22Updated 2 years ago
- Memory Dumper For Win10 x64 Processes☆15Updated 4 years ago
- A stack and register based virtual machine which can compile and execute arbitrary code in runtime☆44Updated 2 months ago
- Header only library for binding, reordering and currying of function arguments without cost☆18Updated 6 years ago
- ☆17Updated last year
- Phantom.Code extension providing Just-In-Time asm x64 compilation based on LLVM☆8Updated 2 years ago
- simply manual map any system image☆17Updated 4 years ago
- Translates WinDbg "dt" structure dump to a C structure☆13Updated 4 years ago
- Small memory leak PoC that is happening in IopGetDeviceInterfaces☆25Updated 4 years ago
- An example code of CiGetCertPublisherName☆16Updated 3 years ago
- Some crazy PE executables protection kernel driver☆18Updated 5 years ago
- Injector with kernel power☆16Updated 4 years ago
- Use ci.dll API for validating Authenticode signature of files☆11Updated 3 years ago
- Example of hijacking system calls via function pointer tables☆31Updated 3 years ago
- Simple memory obfuscator.☆24Updated 2 years ago
- Native file compressor using only the ntdll.dll☆9Updated 7 years ago
- ☆14Updated 4 years ago
- ☆15Updated 4 years ago
- a driver to enumerate registered pnp callbacks for a particular interface class based on reversal of IoRegisterPlugPlayNotification☆11Updated last year
- P2C Loader based on blackbone, used by isolation.top and others.☆14Updated 7 years ago
- A class to gather information about a process, its threads and modules.☆24Updated 5 years ago
- anti-cheat based on user-mode tricks and undocumented methods☆22Updated 7 years ago
- .lib file for linking against the NT CRT☆19Updated 3 years ago