☆24Jul 15, 2023Updated 2 years ago
Alternatives and similar repositories for warbird-example
Users that are interested in warbird-example are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆23Jul 24, 2023Updated 2 years ago
- Disk based DMA for ATA and SCSI☆42Sep 22, 2023Updated 2 years ago
- Use NtSetInformationThread(ThreadBreakOnTermination) for anti-debugging☆15Sep 21, 2019Updated 6 years ago
- MiniSDK☆10Nov 8, 2021Updated 4 years ago
- Kernel Level NMI Callback Blocker☆168Sep 27, 2025Updated 5 months ago
- ☆225Mar 11, 2023Updated 3 years ago
- A poc that abuses Enclave☆40Sep 8, 2022Updated 3 years ago
- Use ci.dll API for validating Authenticode signature of files☆168Mar 28, 2022Updated 3 years ago
- Simple Demo of using Windows Hypervisor Platform☆29Jul 14, 2025Updated 8 months ago
- windows内核安全与驱动开发代码☆12Apr 4, 2020Updated 5 years ago
- ☆31Sep 12, 2024Updated last year
- WinHvShellcodeEmulator (WHSE) is a shellcode emulator leveraging the Windows Hypervisor Platform API☆26Apr 24, 2022Updated 3 years ago
- Enum and Remove Hook in Windows☆52Dec 11, 2025Updated 3 months ago
- Mapping your code on a 0x1000 size page☆71May 20, 2022Updated 3 years ago
- pdb's function and global vars to offset☆10Apr 11, 2023Updated 2 years ago
- ☆19Oct 25, 2024Updated last year
- Browse Page Tables on Windows (Page Table Viewer)☆236Apr 2, 2022Updated 3 years ago
- Portable & Custmizable Windows Defender☆13Nov 10, 2021Updated 4 years ago
- Monitor ETW events for Windows process mitigation policies, with stack traces☆31Oct 7, 2022Updated 3 years ago
- Disable threat tracing from the kernel..☆14Apr 8, 2022Updated 3 years ago
- hooks gServerHandlers xxxEventWndProc☆13May 1, 2022Updated 3 years ago
- Reversed WintaPix Malware Source code | That targets countries in the Middle East and abuse KeServiceDescriptorTable(SSDT), persistence a…☆22Jul 6, 2024Updated last year
- 从MmPfnData中枚举进程和页目录基址☆208Aug 18, 2023Updated 2 years ago
- ☆16Apr 10, 2025Updated 11 months ago
- Using the peculiar behaviour of the VPGATHER instructions to determine if an address will fault before it is truly accessed. All done in …☆55Dec 30, 2025Updated 2 months ago
- A collection of tools, source code, and papers researching Windows' implementation of CET.☆90Oct 6, 2020Updated 5 years ago
- Simple POC library to execute arbitrary calls proxying them via NdrServerCall2 or similar☆137Aug 10, 2024Updated last year
- A simple process query/manipulation tool using driver hooked system call. (2019)☆12Aug 30, 2021Updated 4 years ago
- Custom KiSystemStartup, can be used to modificate kernel before boot.☆53Apr 7, 2022Updated 3 years ago
- Reimplementation of Microsoft's Warbird obuscator☆207Jun 24, 2024Updated last year
- A minimal CR3 protection PoC (KdpTrap hook)☆16Jan 25, 2025Updated last year
- ☆49Feb 21, 2022Updated 4 years ago
- VM firmware pkg for Project Mu☆47Feb 6, 2026Updated last month
- Debug Print viewer (user and kernel)☆72Feb 7, 2024Updated 2 years ago
- Runtime smm module loader☆37Jan 12, 2023Updated 3 years ago
- A fast method to intercept syscalls from any user-mode process using InstrumentationCallback and detect any process using Instrumentation…☆39Sep 23, 2023Updated 2 years ago
- ☆144Dec 10, 2022Updated 3 years ago
- ☆367May 11, 2025Updated 10 months ago
- Packet Injection With WFP☆16Feb 20, 2023Updated 3 years ago