idandev / hidefile-kernel-moduleLinks
A simple kernel module who hides a file by hooking the getdents64 syscall.
☆10Updated 2 years ago
Alternatives and similar repositories for hidefile-kernel-module
Users that are interested in hidefile-kernel-module are comparing it to the libraries listed below
Sorting:
- Kernel ReClassEx☆62Updated last year
- Improved VMP Idea(detect anti-anti-debug tools by bug)☆45Updated 2 years ago
- Create stealthy, inline, EPT-like hooks using SMAP and SMEP☆55Updated 8 months ago
- detect hypervisor with Nmi Callback☆39Updated 2 years ago
- POC Hook of nt!HvcallCodeVa☆52Updated 2 years ago
- ☆30Updated 9 months ago
- A basic 100 loc CPU emulator using the existing code of ntoskrnl.exe☆71Updated last year
- ZeroImport is a lightweight and easy to use C++ library for Windows Kernel Drivers. It allows you to hide any import in your kernel drive…☆47Updated 2 years ago
- vdk is a set of utilities used to help with exploitation of a vulnerable driver.☆40Updated 3 years ago
- Windows PDB parser for kernel-mode environment.☆97Updated 3 weeks ago
- A Hyper-V Hacking Framework For Windows 10 x64 (AMD & Intel)☆70Updated last year
- unorthodox approach to analyze a trace, but this helped me get comfy with x64 instructions overall (excluding sse/avx/etc lol), cleared u…☆60Updated last year
- Binary rewriter for 64-bit PE files.☆78Updated last year
- Binary DisASseMbler☆23Updated 2 years ago
- windows kernel pagehook☆40Updated 2 years ago
- A simple ida python script to find .data ptr☆51Updated 2 years ago
- Obfuscate calls to imports by patching in stubs☆69Updated 3 years ago
- x64 Windows implementation of virtual-address to physical-address translation☆42Updated 4 years ago
- C/C++ antidebugging library for Windows☆22Updated 5 months ago
- ☆74Updated 2 years ago
- ntoskrnl .data hooks for UM-KM communication☆40Updated last year
- Code virtualizer☆24Updated 9 years ago
- Provides commands to read from and write to arbitrary kernel-mode memory for users with the Administrator privilege. HVCI compatible. No …☆20Updated last year
- Me fockin' pe protector☆45Updated 2 years ago
- based on https://github.com/secrary/Hooking-via-InstrumentationCallback☆71Updated 5 years ago
- VMProtectTest☆36Updated 2 years ago
- Tool to dump EFI runtime drivers.☆36Updated last year
- intel vt-x type 2 hypervisor☆56Updated 2 months ago
- A library to assist with memory & code protection.☆59Updated last year
- A Windows executable (PE) packer (x64) with LZMA compression and with full TLS (Thread Local Storage) support☆57Updated last week