manually map driver for a signed driver memory space
☆177Mar 11, 2021Updated 5 years ago
Alternatives and similar repositories for sumap
Users that are interested in sumap are comparing it to the libraries listed below
Sorting:
- just proof of concept. hooking MmCopyMemory PG safe.☆84Nov 13, 2023Updated 2 years ago
- A mapper that maps shellcode into loaded large page drivers☆329Apr 26, 2022Updated 3 years ago
- Loads a signed kernel driver which allows you to map any driver to kernel mode without any traces of the signed / mapped driver.☆389Aug 8, 2021Updated 4 years ago
- usermode driver mapper that forcefully loads any signed kernel driver (legit cert) with a big enough section (example: .data, .rdata) to …☆475Jan 3, 2022Updated 4 years ago
- Detect removed thread from PspCidTable.☆75Mar 18, 2022Updated 4 years ago
- Discarded Section Manual Map☆70Jun 18, 2020Updated 5 years ago
- Unknowncheats Magically Optimized Tidy Mapper using nvaudio☆153Jun 11, 2024Updated last year
- base for testing☆187Sep 28, 2024Updated last year
- undetected eac mapper☆170May 3, 2022Updated 3 years ago
- Easy Anti PatchGuard☆223Apr 9, 2021Updated 4 years ago
- UEFI bootkit for driver manual mapping☆589Jan 1, 2024Updated 2 years ago
- Custom KiSystemStartup, can be used to modificate kernel before boot.☆53Apr 7, 2022Updated 3 years ago
- driver manual mapper powered by https://github.com/estimated1337/lenovo_exec☆115Dec 28, 2022Updated 3 years ago
- Patches DSE by swapping both data ptrs located in SeValidateImageHeader && SeValidateImageData☆24Feb 9, 2024Updated 2 years ago
- Load your driver like win32k.sys☆258Aug 20, 2022Updated 3 years ago
- The program draws with win32k gdi functions in the kernel while NtGdiDdDDISubmitCommand is being hooked.☆346Apr 27, 2020Updated 5 years ago
- Manual mapping without creating any threads, with rw only access☆808Oct 29, 2019Updated 6 years ago
- Hygieia, a vulnerable driver traces scanner written in C++ as an x64 Windows kernel driver.☆151Feb 12, 2022Updated 4 years ago
- ☆111Nov 13, 2023Updated 2 years ago
- Drawing from kernelmode without any hooks☆174Jul 7, 2022Updated 3 years ago
- UM-KM Communication using registry callbacks☆39Jun 8, 2020Updated 5 years ago
- clearing traces of a loaded driver☆47Jul 2, 2022Updated 3 years ago
- Efi Driver Access is a simply project to load a driver during system boot with the idea to give the user kernel access for read/write mem…☆481Jan 8, 2023Updated 3 years ago
- ☆367May 11, 2025Updated 10 months ago
- ☆147Jan 24, 2024Updated 2 years ago
- Stealthy UM <-> KM communication system without creating any system threads, permanent hooks, driver objects, section objects or device o…☆382Mar 15, 2024Updated 2 years ago
- Intercepting DeviceControl via WPP☆138Nov 18, 2019Updated 6 years ago
- ☆224May 10, 2022Updated 3 years ago
- System call hook for Windows 10 20H1☆496Jun 26, 2021Updated 4 years ago
- Manual mapper that uses PTE manipulation, Virtual Address Descriptor (VAD) manipulation, and forceful memory allocation to hide executabl…☆387Jan 29, 2022Updated 4 years ago
- ☆34Apr 11, 2023Updated 2 years ago
- Windows inline hooking tool.☆299Oct 7, 2018Updated 7 years ago
- Using CVE-2023-21768 to manual map kernel mode driver☆197Mar 10, 2023Updated 3 years ago
- ☆23May 8, 2023Updated 2 years ago
- PoC EFI runtime driver for memory r/w & kdmapper fork☆571Nov 30, 2024Updated last year
- x64 Windows kernel driver mapper, inject unsigned driver using anycall☆204Feb 14, 2024Updated 2 years ago
- detect hypervisor with Nmi Callback☆42Sep 25, 2022Updated 3 years ago
- Hiding the window from screenshots using the function win32kfull::GreProtectSpriteContent☆638Dec 26, 2024Updated last year
- Kernel driver that .text hooks a syscall in dxgkrnl.sys which can be called from our user-mode client to send instructions like rpm/wpm a…☆213Dec 16, 2022Updated 3 years ago