eddeeh / drv-client
A simple process query/manipulation tool using a driver-hooked system call. (2019)
☆8 Updated 3 years ago
Related projects:
- Manually Mapped Windows Kernel Driver + Usermode API for Arbitrary R/W to UM process via a UM thread trapped in kernel, synchronized with… ☆13 Updated 3 years ago
- Two PoCs of accessing process virtual memory via NT Kernel ☆24 Updated 3 years ago
- simply manual map any system image ☆16 Updated 3 years ago
- Injector with kernel power ☆15 Updated 3 years ago
- An example code of CiGetCertPublisherName ☆14 Updated 2 years ago
- Abusing RtlAdjustPrivilege and NtSetInformationProcess to cause a BSOD from usermode ☆14 Updated 2 years ago
- p2c loader (this is also the loader isolation.top used) ☆14 Updated 6 years ago
- Small memory leak PoC that is happening in IopGetDeviceInterfaces ☆23 Updated 3 years ago
- Small class to parse debug info from PEs, download their respective PDBs from the Microsoft Public Symbol Server and calculate RVAs of fu… ☆39 Updated last year
- Simple IOCTL hooking driver for Kernel-User-Mode communication. ☆12 Updated 4 years ago
- Logging library for kernel drivers written for the Windows NT operating system. ☆17 Updated 3 months ago
- Simplifies the Windows Kernel APIs by making the existing function easier to use, and extends them by creating functions that could possi… ☆26 Updated last month
- Intraceptor intercepts Windows NT API calls and redirects them to a kernel driver to bypass process/threads handle protections. ☆27 Updated 2 years ago
- Function hooks in Windows NT Kernel ☆21 Updated 3 years ago
- Remote memory library in C++17. ☆30 Updated 6 years ago
- A resource for thread hijacking and manual mapping code, that works with MEM_MAPPED & MEM_IMAGE. ☆22 Updated 3 years ago
- Detour library (x64 and x86 compatible) ☆11 Updated 3 years ago
- x64 assembler library ☆32 Updated 3 months ago
- Stealthy Injector that leverages a vulnerable driver and other exploits to remain undetected ☆36 Updated 5 years ago
- Stealing signatures from pe files ☆15 Updated 2 years ago
- Translates WinDbg "dt" structure dump to a C structure ☆12 Updated 4 years ago