helloobaby / HyperTool
Intel learning hypervisor and some extend function
☆21Updated 2 years ago
Related projects: ⓘ
- A poc that abuses Enclave☆36Updated 2 years ago
- ☆15Updated this week
- ☆23Updated last year
- detect hypervisor with Nmi Callback☆32Updated last year
- ☆18Updated last year
- ☆28Updated this week
- ☆19Updated 2 years ago
- Illustrates the concept of return address spoofing, and how it is used.☆14Updated 4 years ago
- pdb's function and global vars to offset☆10Updated last year
- Open Anti Cheat☆27Updated 2 years ago
- Not mine. Only for saving☆20Updated 2 years ago
- IDA scripts for hypervisor (Hyper-v) analysis and reverse engineering automation☆25Updated 2 years ago
- Disable threat tracing from the kernel..☆12Updated 2 years ago
- ☆23Updated last year
- ☆10Updated 2 years ago
- comparing data of module exports from disk and memory, then caching any differences.☆23Updated 2 years ago
- A project on the Unicorn emulator to emulate the code of Pe files in windows☆15Updated last week
- ☆33Updated 4 years ago
- Old way for blocking NMI interrupts☆25Updated 2 years ago
- ☆19Updated 2 years ago
- Stealing signatures from pe files☆15Updated 2 years ago
- search for a driver/dll module that has a wanted section bigger than the size of your image☆21Updated 3 years ago
- Logging library for kernel drivers written for the Windows NT operating system.☆17Updated 3 months ago
- UnknownField is a tool based clang that obfuscating the order of fields to protect your C/C++ game or code.☆44Updated last year
- ☆23Updated 2 years ago
- Small class to parse debug info from PEs, download their respective PDBs from the Microsoft Public Symbol Server and calculate RVAs of fu…☆39Updated last year
- ☆12Updated 2 years ago
- Achieving code execution through abusing VEH☆15Updated last year
- Intraceptor intercept Windows NT API calls and redirect them to a kernel driver to bypass process/threads handle protections.☆27Updated 2 years ago
- IO隐藏通信封装☆14Updated 3 years ago