irql / nokd
reverse engineering of the windows nt kernel debugger protocol & reimplementation.
☆22Updated 7 months ago
Alternatives and similar repositories for nokd:
Users that are interested in nokd are comparing it to the libraries listed below
- x86-64 user mode emulation using Zydis☆44Updated last month
- A library for intel VT-x hypervisor functionality supporting EPT shadowing.☆48Updated 3 years ago
- How Meltdown and Spectre haunt Anti-Cheat: DVRT details☆21Updated 5 months ago
- Visual Studio Project example for using Microsoft's STL in WDM (Windows Kernel-mode Driver)☆25Updated 3 years ago
- This is a ring -1 header framework in order to simplify the creation of hypervisors on SVM☆22Updated last year
- Symbolic Execution based on lifting amd64 to z3☆21Updated 7 months ago
- Create stealthy, inline, EPT-like hooks using SMAP and SMEP☆36Updated 3 months ago
- detect hypervisor with Nmi Callback☆34Updated 2 years ago
- Binary DisASseMbler☆23Updated 2 years ago
- Windows kernel driver template for cmkr (with testsigning).☆30Updated last year
- Provides commands to read from and write to arbitrary kernel-mode memory for users with the Administrator privilege. HVCI compatible. No …☆15Updated 8 months ago
- A basic 100 loc CPU emulator using the existing code of ntoskrnl.exe☆71Updated last year
- vdk is a set of utilities used to help with exploitation of a vulnerable driver.☆39Updated 2 years ago
- A project on the Unicorn emulator to emulate the code of Pe files in windows☆21Updated 5 months ago
- Windows PDB parser for kernel-mode environment.☆94Updated 2 years ago
- Library to manipulate drivers that expose a physical memory read/write primitive.☆23Updated last year
- Kernel ReClassEx☆65Updated last year
- Binary rewriter for 64-bit PE files.☆67Updated last year
- Helper script for Windows kernel debugging with IDA Pro on VMware + GDB stub (including PDB symbols)☆63Updated last year
- unorthodox approach to analyze a trace, but this helped me get comfy with x64 instructions overall (excluding sse/avx/etc lol), cleared u…☆56Updated last year
- Proof-of-concept game using VBS enclaves to protect itself from cheating☆27Updated 3 months ago
- x64 PE-COFF virtualization driven obfuscation engine☆55Updated 2 years ago
- Me fockin' pe protector☆44Updated 2 years ago
- My research WIP bluepill hypervisor☆41Updated last year
- ☆15Updated last year
- Test data for x86 instructions☆13Updated 3 years ago
- Type 2 Hypervisor for security research supported by AMD-V hardware assisted virtualization☆38Updated 2 years ago
- x64 Windows implementation of virtual-address to physical-address translation☆40Updated 3 years ago
- A large collection of 32bit and 64bit PE files useful for verifying the correctness of bin2bin transformations☆50Updated 6 months ago
- ☆22Updated last year