SoulExtraction is a Windows driver library for extracting certificate information in Windows drivers.
☆25 Feb 12, 2023 Updated 3 years ago
Alternatives and similar repositories for Driver-SoulExtraction
Users that are interested in Driver-SoulExtraction are comparing it to the libraries listed below
- Inject dll to process in driver ☆10 Aug 27, 2024 Updated last year
- Cmdlets for capturing Windows Events ☆14 Mar 11, 2022 Updated 3 years ago
- [POC Detected] Bypass BE Anti Dll Injection (POC/Need Driver) ☆17 Mar 30, 2020 Updated 5 years ago
- eac memory sig maker ☆14 Jun 10, 2021 Updated 4 years ago
- ☆18 Mar 28, 2023 Updated 2 years ago
- Demo List cm/ps/ob/minifilter callback And Patch/Bypass it ☆29 Dec 5, 2017 Updated 8 years ago
- Kernel mode to user mode dll injection. ☆14 Nov 10, 2024 Updated last year
- PsSetCreateProcessNotifyRoutine bypass proof-of-concept for manual mapped drivers ☆34 Jul 19, 2021 Updated 4 years ago
- Open-source EDR kernel-component for system monitoring and DLL injection ☆33 Nov 14, 2020 Updated 5 years ago
- File system minifilter driver for Windows to block symbolic link attacks. ☆51 Dec 16, 2020 Updated 5 years ago
- just manipulatin these here tokens yes sir nothing weird ☆22 Apr 18, 2022 Updated 3 years ago
- Formerly KMon, a Windows Kernel Driver designed to prevent malware attacks by monitoring the creation of registry keys in common autorun l… ☆21 Feb 15, 2014 Updated 12 years ago
- An anti-cheat project that includes kernel mode. ☆39 Jul 29, 2021 Updated 4 years ago
- Use WinDBG to trace the Windows API calls of any Portable Executable file ☆32 Apr 13, 2017 Updated 8 years ago
- Hook NtDeviceIoControlFile with PatchGuard ☆107 May 10, 2022 Updated 3 years ago
- the Open Source and Pure C++ Packer for eXecutables ☆21 Mar 25, 2023 Updated 2 years ago
- Hook all callbacks which are registered with LdrRegisterDllNotification ☆96 Apr 3, 2025 Updated 11 months ago
- Small class to parse debug info from PEs, download their respective PDBs from the Microsoft Public Symbol Server and calculate RVAs of fu… ☆44 Apr 1, 2023 Updated 2 years ago
- PE(compressed dll) memory loader using nt api ☆46 Jul 3, 2017 Updated 8 years ago
- EtwHook for win7-win11; ☆23 Sep 13, 2022 Updated 3 years ago
- Code Injection, Inject malicious payload via pagetables pml4. ☆243 Jul 7, 2021 Updated 4 years ago
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard ☆268 Aug 31, 2022 Updated 3 years ago
- ☆36 Mar 27, 2022 Updated 3 years ago
- Extension functionality for the NightHawk operator client ☆26 Oct 31, 2023 Updated 2 years ago
- ☆25 Apr 28, 2024 Updated last year
- x64 Kernel Hooks Detection ☆24 Jan 1, 2017 Updated 9 years ago
- A tool to exchange decryption keys for command and control (C2) beacons and implants through DNS records. ☆40 Jan 7, 2023 Updated 3 years ago
- first commit ☆64 Oct 29, 2020 Updated 5 years ago
- Bypasses for Windows kernel callbacks PatchGuard protection ☆44 Aug 15, 2021 Updated 4 years ago
- Packet crafting, injection and sniffing tool ☆70 Jan 8, 2026 Updated last month
- ☆16 Apr 10, 2025 Updated 10 months ago
- Just an example of a well-known technique to detect memory tampering via Windows Working Sets. ☆18 Jan 15, 2022 Updated 4 years ago
- ☆11 Jan 8, 2022 Updated 4 years ago
- ☆17 Jun 30, 2020 Updated 5 years ago
- A class for scanning and restoring r3hook ☆10 Aug 29, 2021 Updated 4 years ago
- Confirms the capability of Hardware-Accelerated Virtualization Technology. ☆10 Updated this week
- DllInject (Memory Load) ☆11 Jan 5, 2019 Updated 7 years ago
- Supporting material for the "Hunting Bugs In The Tropics" DEFCON 30 talk ☆10 Aug 18, 2022 Updated 3 years ago
- Cheat Engine alternative written in Rust ☆12 Nov 15, 2022 Updated 3 years ago