johnsonjason / KeProcessOverlay
Reading/writing memory from kernel-mode
☆21Updated 7 years ago
Related projects ⓘ
Alternatives and complementary repositories for KeProcessOverlay
- NT reversal☆26Updated 6 years ago
- ☆36Updated 7 years ago
- ☆33Updated 4 years ago
- A Simple Example☆20Updated 5 years ago
- ☆46Updated 3 years ago
- comparing data of module exports from disk and memory, then caching any differences.☆22Updated 2 years ago
- Simple IOCTL hooking driver for Kernel- User - Mode communication.☆10Updated 4 years ago
- Manual PE image mapper☆61Updated 11 years ago
- A wrapper class to hide the original calling address of a function☆55Updated 4 years ago
- realExtern.sys driver☆65Updated 4 years ago
- Detect removed thread from PspCidTable.☆68Updated 2 years ago
- Stealthy Injector that leverages a vulnerable driver and other exploits to remain undetected☆37Updated 5 years ago
- reverse engineering of bedaisy.sys (battleyes kernel driver) - Aki2k/BEDaisy☆59Updated 4 years ago
- ☆25Updated 7 years ago
- Handling C++ & __try exceptions without the need of built-in handlers.☆65Updated 3 years ago
- (DEPRECATED) A simple anti-anti debug library for Windows☆29Updated 4 years ago
- Intraceptor intercept Windows NT API calls and redirect them to a kernel driver to bypass process/threads handle protections.☆27Updated 2 years ago
- A bunch of architectural headers for i386 and AMD64☆35Updated last year
- My take on the capcom driver vulnerability☆26Updated 7 years ago
- driver interface with dll-injection capabilities☆28Updated 4 years ago
- A poc that abuses Enclave☆36Updated 2 years ago
- Example of hijacking system calls via function pointer tables☆31Updated 3 years ago
- A library for intel VT-x hypervisor functionality supporting EPT shadowing.☆48Updated 3 years ago