jseclab / UGuardMap
bootkit驱动映射,三环进程注入加载指定模块
☆11Updated last month
Related projects ⓘ
Alternatives and complementary repositories for UGuardMap
- windows kernel pagehook☆38Updated 2 years ago
- 使用 Intel 虚拟化特性实现应用层HOOK☆18Updated this week
- research revolving the windows filtering platform callout mechanism☆20Updated 5 months ago
- Compile-Time Calls Obfuscator for C++14+☆34Updated 11 months ago
- An extended proof-of-concept for the CVE-2021-21551 Dell ‘dbutil_2_3.sys’ Kernel Exploit☆23Updated 3 years ago
- A method to Disable DSE using .data ptr hooks☆24Updated 9 months ago
- direct systemcalls with a modern c++20 interface.☆41Updated last year
- 大部分常见windows内核文件合集 下方链接里有更多更全面的☆14Updated last year
- Windows Research Kernel VS2022 Solution☆23Updated 2 months ago
- WinHvShellcodeEmulator (WHSE) is a shellcode emulator leveraging the Windows Hypervisor Platform API☆19Updated 2 years ago
- ☆23Updated 8 months ago
- ☆25Updated 3 years ago
- 这篇文章的目的是介绍一款实验性项目基于COM命名管道或者Windows Hyper-V虚拟机Vmbus通道实现的运行在uefi上的windbg调试引擎开发心得☆39Updated 4 months ago
- Enum and Remove Hook in Windows☆32Updated last month
- ☆26Updated last year
- A poc that abuses Enclave☆36Updated 2 years ago
- VEH debug plugin☆13Updated 2 years ago
- Hijack NotifyRoutine for a kernelmode thread☆41Updated 2 years ago
- detect hypervisor with Nmi Callback☆34Updated 2 years ago
- ☆23Updated last year
- Create stealthy, inline, EPT-like hooks using SMAP and SMEP☆32Updated 3 weeks ago
- 利用物理内存映射,实现虚拟内存的伪隐藏☆72Updated 2 years ago
- Only for Stress-Testing☆22Updated 2 years ago
- ☆28Updated 10 months ago
- POC Hook of nt!HvcallCodeVa☆49Updated last year
- ntos shit☆21Updated 8 months ago
- collection of code snippets,windbg,python scripts and resources☆13Updated 2 years ago
- Call NtCreateUserProcess directly as normal.☆66Updated 2 years ago
- UnknownField is a tool based clang that obfuscating the order of fields to protect your C/C++ game or code.☆44Updated last year