hidden_syscall - syscaller without using syscall instruction in code
☆63Jan 23, 2023Updated 3 years ago
Alternatives and similar repositories for hidden_syscall
Users that are interested in hidden_syscall are comparing it to the libraries listed below
Sorting:
- Old way for blocking NMI interrupts☆29Sep 6, 2022Updated 3 years ago
- base for testing☆186Sep 28, 2024Updated last year
- Walks through the 4-level paging structures in Windows x64☆13Feb 12, 2023Updated 3 years ago
- ☆18Feb 5, 2025Updated last year
- POC Hook of nt!HvcallCodeVa☆54May 8, 2023Updated 2 years ago
- clearing traces of a loaded driver☆47Jul 2, 2022Updated 3 years ago
- Written in a couple hours, don't judge :)☆17Jun 3, 2023Updated 2 years ago
- ☆63Sep 28, 2022Updated 3 years ago
- ☆43Apr 18, 2023Updated 2 years ago
- ☆73Aug 31, 2022Updated 3 years ago
- UM-KM Communication using registry callbacks☆39Jun 8, 2020Updated 5 years ago
- PAGE_GUARD based hooking library☆52Jul 25, 2022Updated 3 years ago
- Recursive and arbitrary code execution at kernel-level without a system thread creation☆159Apr 13, 2023Updated 2 years ago
- ☆158May 21, 2024Updated last year
- Drawing from kernelmode without any hooks☆174Jul 7, 2022Updated 3 years ago
- This driver hooks a device object for ioctl and uses mdls to allocate physical pages and manually injects an entry into a process's page …☆15Feb 14, 2023Updated 3 years ago
- An advanced DKOM for drivers with "DRIVER_OBJECT"☆22Feb 19, 2023Updated 3 years ago
- A basic demonstration of directly overwriting paging structures for physical memory r/w and interprocess memory copy☆103Jun 26, 2023Updated 2 years ago
- Windows kernel drivers simple HTTP library for modern C++☆40Jul 12, 2018Updated 7 years ago
- Detour library (x64 and x86 compatible)☆13Dec 15, 2020Updated 5 years ago
- Looks for a vulnerable entry point to bypass BE Anti Cheat or other in Ring3☆19Feb 25, 2023Updated 3 years ago
- ☆47Jul 7, 2024Updated last year
- Mapping your code on a 0x1000 size page☆71May 20, 2022Updated 3 years ago
- Invoke functions with a spoofed return address. For 32-bit Windows binaries. Supports __fastcall, __thiscall, __stdcall and __cdecl calli…☆175Feb 17, 2023Updated 3 years ago
- nmi stackwalking + module verification☆163Dec 28, 2023Updated 2 years ago
- A simple ida python script to find .data ptr☆59May 6, 2023Updated 2 years ago
- Hijack NotifyRoutine for a kernelmode thread☆41Jun 4, 2022Updated 3 years ago
- Allows for same-file KernelMode function execution using Encrypted addresses of Functions☆51Sep 27, 2025Updated 5 months ago
- This tool will allow you to spoof the return addresses of your functions as well as system functions.☆550Nov 12, 2022Updated 3 years ago
- Unknowncheats Magically Optimized Tidy Mapper using nvaudio☆153Jun 11, 2024Updated last year
- Archive R/W into any protected process by changing the value of KTHREAD->PreviousMode☆163Jul 31, 2022Updated 3 years ago
- manual map unsigned driver over signed memory☆221Apr 11, 2024Updated last year
- Proof of Concept Kernel-User Communication using System Thread.☆14Sep 24, 2023Updated 2 years ago
- Allows you to communicate with the kernel mode to manipulate memory in a stealthy way to avoid kernel anticheats.☆172May 8, 2022Updated 3 years ago
- A Simple Example☆23Nov 30, 2018Updated 7 years ago
- based on https://github.com/secrary/Hooking-via-InstrumentationCallback☆73Oct 29, 2019Updated 6 years ago
- Virtual and physical memory hacking library using gigabyte vulnerable driver☆71Apr 9, 2023Updated 2 years ago
- PointerGuard is a proof-of-concept tool used to create 'guarded' pointers which disguise pointer addresses, monitor reads/writes, and pre…☆57May 23, 2022Updated 3 years ago
- Using CVE-2021-40449 to manual map kernel mode driver☆104Mar 5, 2022Updated 3 years ago