Translate virtual addresses to physical addresses from usermode.
☆103Jun 7, 2024Updated last year
Alternatives and similar repositories for superfetch
Users that are interested in superfetch are comparing it to the libraries listed below
Sorting:
- Minimalistic HTTP(S) client for the NT kernel☆62Dec 1, 2025Updated 2 months ago
- How to use PiDqSerializationWrite. Introduces how to safely read and write from mapped driver☆26May 29, 2023Updated 2 years ago
- ☆17Dec 18, 2020Updated 5 years ago
- ☆37Sep 26, 2024Updated last year
- ☆47Jul 7, 2024Updated last year
- Hooking Windows' exception dispatcher to protect process's PML4☆227Jan 24, 2025Updated last year
- arm64 linux position-independent shellcode framework☆30Dec 12, 2025Updated 2 months ago
- A basic implementation of Patch Guard that I implemented, that includes integrity checks and other protection mechanisms I added.☆78Mar 29, 2025Updated 10 months ago
- A simple POC to show how to chain multiple callbacks via tail calls to artificially construct a call stack☆99Dec 22, 2025Updated 2 months ago
- ☆18Feb 5, 2025Updated last year
- Create stealthy, inline, EPT-like hooks using SMAP and SMEP☆61Oct 19, 2024Updated last year
- Disks for DMA☆141Apr 28, 2021Updated 4 years ago
- page table manipulation to gain physical r/w☆43May 7, 2024Updated last year
- Control Flow Linearization☆25May 4, 2025Updated 9 months ago
- A library to develop kernel level Windows payloads for post HVCI era☆485May 18, 2021Updated 4 years ago
- Windows kernel driver that detects hypervisors by probing SIDT/LIDT edge cases, paging/TLB behaviors, privilege transitions, and timing e…☆36Dec 17, 2025Updated 2 months ago
- Windows rootkit designed to work with BYOVD exploits☆216Jan 18, 2025Updated last year
- A method to Disable DSE using .data ptr hooks☆38Feb 1, 2024Updated 2 years ago
- Binary rewriter for 64-bit PE files.☆100Feb 5, 2024Updated 2 years ago
- Patches DSE by swapping both data ptrs located in SeValidateImageHeader && SeValidateImageData☆22Feb 9, 2024Updated 2 years ago
- Windows 11 24H2-25H2 Runtime PatchGuard Bypass☆252Nov 4, 2025Updated 3 months ago
- Emulate Drivers in RING3 with self context mapping or unicorn☆21Jan 1, 2025Updated last year
- partially disable patchguard up to win11 21H2☆19Jun 3, 2024Updated last year
- Kernel driver for detecting Intel VT-x hypervisors.☆197Jul 11, 2023Updated 2 years ago
- Proof-of-concept game using VBS enclaves to protect itself from cheating☆49Nov 10, 2024Updated last year
- Using the peculiar behaviour of the VPGATHER instructions to determine if an address will fault before it is truly accessed. All done in …☆54Dec 30, 2025Updated last month
- x86-64 Automated test data generator☆26Aug 18, 2025Updated 6 months ago
- ☆82Apr 23, 2024Updated last year
- Simple EFI runtime driver that hooks GetVariable function and returns data expected by Windows to make it think that it's running with se…☆214Oct 1, 2021Updated 4 years ago
- Disk based DMA for ATA and SCSI☆42Sep 22, 2023Updated 2 years ago
- A mapper that maps shellcode into loaded large page drivers☆324Apr 26, 2022Updated 3 years ago
- Demonstrate calling a kernel function and handle process creation callback against HVCI☆83Dec 21, 2022Updated 3 years ago
- ☆23May 8, 2023Updated 2 years ago
- Collection of hypervisor detections☆296Sep 25, 2024Updated last year
- Windows kernel debugger for Linux hosts running Windows under KVM/QEMU☆128Feb 9, 2026Updated 2 weeks ago
- Static user/kernel mode library that allows access to all functions and global variables by extracting offsets from the PDB☆118May 29, 2025Updated 8 months ago
- Usermode NT Explorer - Query kernel addresses, translate virtual to physical addresses, inspect the PFN database, and more.☆72Jan 27, 2026Updated last month
- "Mingw64 Driver Plus Plus": Mingw64, C++, DDK and (EA)STL made easy!☆44Updated this week
- ☆31Oct 1, 2021Updated 4 years ago