BYOVD: Loading dbk64.sys and grabbing a handle to it
☆164Jun 8, 2022Updated 3 years ago
Alternatives and similar repositories for ceload
Users that are interested in ceload are comparing it to the libraries listed below
Sorting:
- ☆31Jan 12, 2022Updated 4 years ago
- Hijack NotifyRoutine for a kernelmode thread☆41Jun 4, 2022Updated 3 years ago
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard☆271Aug 31, 2022Updated 3 years ago
- Allows you to parse all messages sent to DbgPrint without any process interaction.☆32Apr 8, 2020Updated 5 years ago
- ☆149Jun 5, 2023Updated 2 years ago
- ☆12Oct 12, 2021Updated 4 years ago
- Intel learning hypervisor and some extend function☆23Aug 23, 2025Updated 6 months ago
- IDA Pro plugin to make bitfield accesses easier to grep☆254Aug 3, 2025Updated 7 months ago
- A Windows kernel dump C++ parser library with Python 3 bindings.☆213Oct 5, 2025Updated 5 months ago
- Driver Buddy Reloaded is an IDA Pro Python plugin that helps automate some tedious Windows Kernel Drivers reverse engineering tasks☆413Jul 4, 2025Updated 8 months ago
- Hex-Rays microcode plugin for automated simplification of Windows Kernel decompilation.☆663Jan 28, 2025Updated last year
- A WinDbg extension to trace COM interactions☆131Aug 14, 2025Updated 7 months ago
- A C++14/17 header-only Windows memory editing library with a focus on type safety and modern C++ style.☆13Jun 3, 2019Updated 6 years ago
- Load your driver like win32k.sys☆258Aug 20, 2022Updated 3 years ago
- ☆47Nov 26, 2020Updated 5 years ago
- .lib file for linking against the NT CRT☆19Mar 18, 2022Updated 4 years ago
- Support Windows OS Reversing by searching easily for references to functions across many DLLs☆36Jan 12, 2022Updated 4 years ago
- A kernel mode Windows rootkit in development.☆49Dec 31, 2021Updated 4 years ago
- A dumper for all the imports stored within a Windows PE (portable executable).☆15Mar 16, 2022Updated 4 years ago
- A kernelmode driver swapping a .data pointer in the kernel to perform communication between the kernel and usermode.☆142Oct 20, 2020Updated 5 years ago
- ☆47Feb 27, 2022Updated 4 years ago
- C/C++ Runtime library for system file (Windows Kernel Driver) - Supports Microsoft STL☆192Aug 27, 2022Updated 3 years ago
- a minimalistic windows hypervisor for amd processors☆146Jun 30, 2022Updated 3 years ago
- Advanced driver monitoring utility.☆219Mar 7, 2026Updated last week
- X86 Mutation Engine with Portable Executable compatibility.☆536May 24, 2022Updated 3 years ago
- The windows kernel debugger consists of two parts, KMOD which is the kernel driver handling ring3 request and KCLI, the command line inte…☆99Sep 12, 2022Updated 3 years ago
- Bindings for Microsoft WinDBG TTD☆235Aug 5, 2023Updated 2 years ago
- Detect removed thread from PspCidTable.☆75Mar 18, 2022Updated 4 years ago
- ☆72Feb 28, 2023Updated 3 years ago
- Analyze patches in a process☆260Jul 28, 2021Updated 4 years ago
- HyperDeceit is the ultimate all-in-one library that emulates Hyper-V for Windows, giving you the ability to intercept and manipulate oper…☆380Jun 3, 2023Updated 2 years ago
- A library for intel VT-x hypervisor functionality supporting EPT shadowing.☆51Mar 11, 2021Updated 5 years ago
- x64 Windows kernel code execution via user-mode, arbitrary syscall, vulnerable IOCTLs demonstration☆393Jul 6, 2022Updated 3 years ago
- A post-processing script for TinyTracer☆39Mar 22, 2023Updated 2 years ago
- A Windows kernel-mode rootkit that abuses legitimate communication channels to control a machine.☆723Aug 5, 2020Updated 5 years ago
- A library to develop kernel level Windows payloads for post HVCI era☆488May 18, 2021Updated 4 years ago
- A code parser for C-Style header files that lets you to parse function's prototypes and data types used in their parameters.☆94Apr 17, 2022Updated 3 years ago
- Kernel driver for detecting Intel VT-x hypervisors.☆202Jul 11, 2023Updated 2 years ago
- Reverse engineered API for Microsoft's Time Travel Debugger☆36Apr 18, 2024Updated last year