ioncodes / rapid-kdbg-hyperv
☆15Updated 2 years ago
Alternatives and similar repositories for rapid-kdbg-hyperv:
Users that are interested in rapid-kdbg-hyperv are comparing it to the libraries listed below
- WinHvShellcodeEmulator (WHSE) is a shellcode emulator leveraging the Windows Hypervisor Platform API☆22Updated 3 years ago
- A demonstration of hooking into the VMProtect-2 virtual machine☆18Updated last year
- ☆29Updated 3 years ago
- A library for intel VT-x hypervisor functionality supporting EPT shadowing.☆49Updated 4 years ago
- Walks the Process' VAD list to grab the PTE's corresponding to a usermode virtual address, all to get the physical address☆24Updated 3 years ago
- Windows driver template, using C++20 & cmake & GithubActions☆22Updated 8 months ago
- This is a ring -1 header framework in order to simplify the creation of hypervisors on SVM☆22Updated last year
- Fix VMProtect 3.xx (tested 3.0.9 to 3.5.0)☆17Updated 3 years ago
- ☆27Updated last year
- ☆26Updated 3 years ago
- vdk is a set of utilities used to help with exploitation of a vulnerable driver.☆39Updated 2 years ago
- Some drivers I've written while solving exercises from Practical Reverse Engineering☆15Updated 3 years ago
- Hijack NotifyRoutine for a kernelmode thread☆41Updated 2 years ago
- A driver to implement IOCTL hooking☆24Updated 3 years ago
- How Meltdown and Spectre haunt Anti-Cheat: DVRT details☆21Updated 8 months ago
- Helper script for Windows kernel debugging with IDA Pro on VMware + GDB stub (including PDB symbols)☆63Updated last year
- x64 assembler library☆31Updated 10 months ago
- ☆16Updated 2 years ago
- detect hypervisor with Nmi Callback☆34Updated 2 years ago
- A project on the Unicorn emulator to emulate the code of Pe files in windows☆21Updated 7 months ago
- ☆29Updated 2 years ago
- Just an example of a well-known technique to detect memory tampering via Windows Working Sets.☆16Updated 3 years ago
- An example code of CiGetCertPublisherName☆15Updated 3 years ago
- ☆22Updated last year
- Detects if a Kernel mode debugger is active by reading the value of KUSER_SHARED_DATA.KdDebuggerEnabled. It is a high level and portable …☆23Updated 7 years ago
- ☆22Updated last year
- A poc that abuses Enclave☆38Updated 2 years ago
- RET / JMP RBX call spoofer☆10Updated 5 years ago
- ☆22Updated last year
- Shh0ya Kernel Hook Driver☆21Updated 4 years ago