A VMBR (Virtual-Machine Based Rootkit) which runs a guest OS and sends the attacker its data
☆28Apr 27, 2024Updated last year
Alternatives and similar repositories for VMBR
Users that are interested in VMBR are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- List UEFI Configuration Tables☆14May 23, 2024Updated last year
- An example code of CiGetCertPublisherName☆16Mar 24, 2022Updated 4 years ago
- a dkom rootkit that targets windows x64 systems. the rootkit hooks and edits criticl memory sections in order to hide different resources…☆19Jul 5, 2023Updated 2 years ago
- ☆33Dec 22, 2020Updated 5 years ago
- Code Integrity Violation Spotter☆17Jun 11, 2024Updated last year
- Enum and Remove Hook in Windows☆52Dec 11, 2025Updated 3 months ago
- Interprocess communication library, providing the ability to call functions from each other☆20Oct 3, 2019Updated 6 years ago
- windows rootkit☆60May 2, 2024Updated last year
- 横向移动三剑客 ( Lateral movement tools)☆30Nov 16, 2021Updated 4 years ago
- 参考taviso的代码逆向一下mpengine.dll☆20Jun 30, 2022Updated 3 years ago
- ☆17Oct 31, 2022Updated 3 years ago
- Windows Console Monitor☆34Jun 11, 2019Updated 6 years ago
- Demo to show how write ALPC Client & Server using native Ntdll.dll syscalls.☆21Jan 25, 2022Updated 4 years ago
- Bof of RegPwn by MDSec☆72Mar 15, 2026Updated last week
- Static Library For Windows Drivers☆41Dec 13, 2025Updated 3 months ago
- A introductory workshop to getting started with fuzzing using american fuzzy lop (AFL)☆23Oct 10, 2019Updated 6 years ago
- Detect removed thread from PspCidTable.☆75Mar 18, 2022Updated 4 years ago
- Fuzzing v8 with dharma and libfuzzer☆13Jan 28, 2020Updated 6 years ago
- A simple way to spoof return addresses using an exception handler☆44Aug 3, 2022Updated 3 years ago
- Windows kernel-mode driver Allocator for Rust☆11Oct 8, 2018Updated 7 years ago
- Repository of different kernel drivers written while studying Windows NT Driver development☆12Apr 14, 2024Updated last year
- Microsoft decompiled IrDA drivers☆16Apr 15, 2015Updated 10 years ago
- Walks through the 4-level paging structures in Windows x64☆13Feb 12, 2023Updated 3 years ago
- Application Verifier Dynamic Fault Injection☆41Jan 12, 2026Updated 2 months ago
- PsSetCreateProcessNotifyRoutine/Ex/Ex2 hook☆13May 30, 2024Updated last year
- A 64 bit OS☆10Nov 12, 2025Updated 4 months ago
- Simple command line tool to enumerate loaded WFP callout drivers☆10Feb 2, 2024Updated 2 years ago
- ☆44Nov 18, 2024Updated last year
- Rootkit & Anti-rootkit☆41Jan 27, 2024Updated 2 years ago
- ☆63May 31, 2024Updated last year
- Monitor ETW events for Windows process mitigation policies, with stack traces☆31Oct 7, 2022Updated 3 years ago
- Hyper-V sockets☆29Sep 11, 2017Updated 8 years ago
- clearing traces of a loaded driver☆47Jul 2, 2022Updated 3 years ago
- Ready-to-use headers for Windows Kernel SSDT indices☆11Apr 12, 2020Updated 5 years ago
- A PoC to demo modifying cmdline of the child process dynamically. It might be useful against process log tracing, AV or EDR.☆41Dec 31, 2020Updated 5 years ago
- Optimized software implementation in C of the RC4 encryption algorithm.☆14Mar 4, 2013Updated 13 years ago
- Core Submodule of Exploration C2☆24Jan 27, 2026Updated last month
- kernel driver used to monitor the activity of BadlionAnticheat.sys by patching its IAT☆32Jul 9, 2021Updated 4 years ago
- ☆34Aug 14, 2023Updated 2 years ago