BYOVD: Loading dbk64.sys and grabbing a handle to it
☆164Jun 8, 2022Updated 3 years ago
Alternatives and similar repositories for ceload
Users that are interested in ceload are comparing it to the libraries listed below
Sorting:
- ☆31Jan 12, 2022Updated 4 years ago
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard☆268Aug 31, 2022Updated 3 years ago
- Hijack NotifyRoutine for a kernelmode thread☆41Jun 4, 2022Updated 3 years ago
- Allows you to parse all messages sent to DbgPrint without any process interaction.☆32Apr 8, 2020Updated 5 years ago
- Hex-Rays microcode plugin for automated simplification of Windows Kernel decompilation.☆657Jan 28, 2025Updated last year
- IDA Pro plugin to make bitfield accesses easier to grep☆254Aug 3, 2025Updated 6 months ago
- ☆149Jun 5, 2023Updated 2 years ago
- C/C++ Runtime library for system file (Windows Kernel Driver) - Supports Microsoft STL☆192Aug 27, 2022Updated 3 years ago
- A kernel mode Windows rootkit in development.☆49Dec 31, 2021Updated 4 years ago
- A kernelmode driver swapping a .data pointer in the kernel to perform communication between the kernel and usermode.☆142Oct 20, 2020Updated 5 years ago
- Driver Buddy Reloaded is an IDA Pro Python plugin that helps automate some tedious Windows Kernel Drivers reverse engineering tasks☆411Jul 4, 2025Updated 7 months ago
- A Windows kernel dump C++ parser library with Python 3 bindings.☆213Oct 5, 2025Updated 4 months ago
- Load your driver like win32k.sys☆258Aug 20, 2022Updated 3 years ago
- A WinDbg extension to trace COM interactions☆131Aug 14, 2025Updated 6 months ago
- Support Windows OS Reversing by searching easily for references to functions across many DLLs☆36Jan 12, 2022Updated 4 years ago
- Easy Anti PatchGuard☆223Apr 9, 2021Updated 4 years ago
- Analyze patches in a process☆259Jul 28, 2021Updated 4 years ago
- A C++14/17 header-only Windows memory editing library with a focus on type safety and modern C++ style.☆13Jun 3, 2019Updated 6 years ago
- A post-processing script for TinyTracer☆39Mar 22, 2023Updated 2 years ago
- Advanced driver monitoring utility.☆218Jul 13, 2022Updated 3 years ago
- Bindings for Microsoft WinDBG TTD☆235Aug 5, 2023Updated 2 years ago
- ☆47Feb 27, 2022Updated 4 years ago
- X86 Mutation Engine with Portable Executable compatibility.☆534May 24, 2022Updated 3 years ago
- A Windows kernel-mode rootkit that abuses legitimate communication channels to control a machine.☆722Aug 5, 2020Updated 5 years ago
- a minimalistic windows hypervisor for amd processors☆138Jun 30, 2022Updated 3 years ago
- Browse Page Tables on Windows (Page Table Viewer)☆234Apr 2, 2022Updated 3 years ago
- Intel learning hypervisor and some extend function☆23Aug 23, 2025Updated 6 months ago
- x64 Windows kernel code execution via user-mode, arbitrary syscall, vulnerable IOCTLs demonstration☆386Jul 6, 2022Updated 3 years ago
- A simple x86_64 AMD-v hypervisor type-2 Programmed with C++, with soon to be added syscall hooks. [W.I.P]☆104Aug 3, 2023Updated 2 years ago
- ☆47Nov 26, 2020Updated 5 years ago
- ☆72Feb 28, 2023Updated 3 years ago
- Cross-platform tool that allows browsing and extracting C and C++ type declarations from PDB files.☆360Feb 9, 2025Updated last year
- Reverse engineered API for Microsoft's Time Travel Debugger☆36Apr 18, 2024Updated last year
- A simple password-based PE encryptor for Windows 32-bit executables.☆51Jan 9, 2025Updated last year
- reverse engineering extension plugin for windbg☆121Sep 30, 2019Updated 6 years ago
- ☆423Jan 1, 2025Updated last year
- .lib file for linking against the NT CRT☆18Mar 18, 2022Updated 3 years ago
- LLVM based devirtualization PoC’s.☆21Dec 11, 2021Updated 4 years ago
- HyperDeceit is the ultimate all-in-one library that emulates Hyper-V for Windows, giving you the ability to intercept and manipulate oper…☆376Jun 3, 2023Updated 2 years ago