☆24 Jul 15, 2023 Updated 2 years ago
Alternatives and similar repositories for warbird-example
Users that are interested in warbird-example are comparing it to the libraries listed below
- ☆23 Jul 24, 2023 Updated 2 years ago
- Disk based DMA for ATA and SCSI ☆42 Sep 22, 2023 Updated 2 years ago
- Kernel Level NMI Callback Blocker ☆165 Sep 27, 2025 Updated 5 months ago
- WinHvShellcodeEmulator (WHSE) is a shellcode emulator leveraging the Windows Hypervisor Platform API ☆26 Apr 24, 2022 Updated 3 years ago
- A poc that abuses Enclave ☆40 Sep 8, 2022 Updated 3 years ago
- Use ci.dll API for validating Authenticode signature of files ☆167 Mar 28, 2022 Updated 3 years ago
- Interprocess communication via a covert timing channel ☆26 Oct 24, 2025 Updated 4 months ago
- Simple Demo of using Windows Hypervisor Platform ☆29 Jul 14, 2025 Updated 7 months ago
- ☆223 Mar 11, 2023 Updated 2 years ago
- ☆16 Apr 10, 2025 Updated 10 months ago
- Reversed WintaPix Malware Source code | That targets countries in the Middle East and abuses KeServiceDescriptorTable(SSDT), persistence a… ☆22 Jul 6, 2024 Updated last year
- Windows kernel security and driver development code ☆12 Apr 4, 2020 Updated 5 years ago
- MiniSDK ☆10 Nov 8, 2021 Updated 4 years ago
- A simple process query/manipulation tool using driver hooked system call. (2019) ☆12 Aug 30, 2021 Updated 4 years ago
- Browse Page Tables on Windows (Page Table Viewer) ☆234 Apr 2, 2022 Updated 3 years ago
- Mapping your code on a 0x1000 size page ☆71 May 20, 2022 Updated 3 years ago
- Enum and Remove Hook in Windows ☆51 Dec 11, 2025 Updated 2 months ago
- pdb's function and global vars to offset ☆10 Apr 11, 2023 Updated 2 years ago
- A minimal CR3 protection PoC (KdpTrap hook) ☆15 Jan 25, 2025 Updated last year
- collection of code snippets, windbg, python scripts and resources ☆13 Jul 11, 2022 Updated 3 years ago
- Swap control lioctl with trampoline recording in the .text section ☆13 Jul 1, 2021 Updated 4 years ago
- REcon 2024 Repo, slides for talk "GOP Complex: Image parsing bugs, EBC polymorphic engines and the Deus ex machina of UEFI exploit dev" ☆14 Mar 31, 2025 Updated 11 months ago
- ☆49 Feb 21, 2022 Updated 4 years ago
- Enumerate processes and page directory base addresses from MmPfnData ☆207 Aug 18, 2023 Updated 2 years ago
- A collection of tools, source code, and papers researching Windows' implementation of CET. ☆89 Oct 6, 2020 Updated 5 years ago
- PTE hook ☆35 Jun 15, 2024 Updated last year
- Runtime smm module loader ☆35 Jan 12, 2023 Updated 3 years ago
- Monitor ETW events for Windows process mitigation policies, with stack traces ☆31 Oct 7, 2022 Updated 3 years ago
- hooks gServerHandlers xxxEventWndProc ☆13 May 1, 2022 Updated 3 years ago
- Cross-platform proxy resolution library written in C. ☆17 Updated this week
- Disable threat tracing from the kernel. ☆14 Apr 8, 2022 Updated 3 years ago
- Another UEFI runtime bootkit ☆37 May 8, 2023 Updated 2 years ago
- Portable & Customizable Windows Defender ☆13 Nov 10, 2021 Updated 4 years ago
- Custom KiSystemStartup, can be used to modify the kernel before boot. ☆53 Apr 7, 2022 Updated 3 years ago
- Use NtSetInformationThread(ThreadBreakOnTermination) for anti-debugging ☆15 Sep 21, 2019 Updated 6 years ago
- Experiment building lifting-bits dependencies with pure CMake. Migrated to: ☆22 Oct 8, 2024 Updated last year
- Packet Injection With WFP ☆16 Feb 20, 2023 Updated 3 years ago
- ☆183 May 20, 2022 Updated 3 years ago
- Hooking Windows' exception dispatcher to protect process's PML4 ☆228 Jan 24, 2025 Updated last year