kkent030315 / CiGetCertPublisherName
An example code of CiGetCertPublisherName
☆17 · Mar 24, 2022 · Updated 3 years ago
Alternatives and similar repositories for CiGetCertPublisherName
Users that are interested in CiGetCertPublisherName are comparing it to the libraries listed below
- Custom KiSystemStartup, can be used to modify kernel before boot. ☆53 · Apr 7, 2022 · Updated 3 years ago
- Detect removed thread from PspCidTable. ☆75 · Mar 18, 2022 · Updated 3 years ago
- collection of code snippets, windbg, python scripts and resources ☆14 · Jul 11, 2022 · Updated 3 years ago
- Experiment to use sections as User/Kernelmode comm vector ☆22 · Apr 7, 2023 · Updated 2 years ago
- Simple Demo of using Windows Hypervisor Platform ☆29 · Jul 14, 2025 · Updated 7 months ago
- ☆51 · Jan 9, 2021 · Updated 5 years ago
- A way to detect DBI frameworks, Debuggers and VMs. ☆24 · Nov 17, 2020 · Updated 5 years ago
- ☆34 · Apr 11, 2023 · Updated 2 years ago
- Illustrates the concept of return address spoofing, and how it is used. ☆14 · May 13, 2020 · Updated 5 years ago
- ☆16 · Oct 31, 2022 · Updated 3 years ago
- Kernel driver for detecting Intel VT-x hypervisors. ☆192 · Jul 11, 2023 · Updated 2 years ago
- clearing traces of a loaded driver ☆47 · Jul 2, 2022 · Updated 3 years ago
- A simple x86_64 AMD-v hypervisor type-2 Programmed with C++, with soon to be added syscall hooks. [W.I.P] ☆103 · Aug 3, 2023 · Updated 2 years ago
- Using the peculiar behaviour of the VPGATHER instructions to determine if an address will fault before it is truly accessed. All done in … ☆53 · Dec 30, 2025 · Updated last month
- ☆68 · Dec 17, 2020 · Updated 5 years ago
- ☆36 · Jun 20, 2022 · Updated 3 years ago
- Mapping your code on a 0x1000 size page ☆71 · May 20, 2022 · Updated 3 years ago
- Generate Code-Signing Certificates by clicking only one button. ☆32 · Jan 26, 2019 · Updated 7 years ago
- A C++ syscall ID extractor for Windows. Developed, debugged and tested on 20H2. ☆21 · May 25, 2021 · Updated 4 years ago
- Hijack NotifyRoutine for a kernelmode thread ☆41 · Jun 4, 2022 · Updated 3 years ago
- base for testing ☆186 · Sep 28, 2024 · Updated last year
- a simple intel vt code both support x86 & x64. PatchGuard monitor. ☆77 · Oct 28, 2021 · Updated 4 years ago
- Detect-KeAttachProcess by iterating through all processes as well as checking the context of the thread. ☆119 · Feb 8, 2022 · Updated 4 years ago
- Use ci.dll API for validating Authenticode signature of files ☆166 · Mar 28, 2022 · Updated 3 years ago
- A simple way to spoof return addresses using an exception handler ☆43 · Aug 3, 2022 · Updated 3 years ago
- Helper functions for calculating the authenticode digest for a portable executable file ☆21 · Apr 30, 2020 · Updated 5 years ago
- A virtualization-based endpoint security solution for Windows ☆88 · May 23, 2021 · Updated 4 years ago
- search for a driver/dll module that has a wanted section bigger than the size of your image ☆20 · Aug 14, 2021 · Updated 4 years ago
- Bypassing kernel patch protection runtime ☆21 · Feb 19, 2023 · Updated 2 years ago
- PsSetCreateProcessNotifyRoutine/Ex/Ex2 hook ☆12 · May 30, 2024 · Updated last year
- x86_64, PE32+, FAT32 bootloader ☆27 · Jul 4, 2021 · Updated 4 years ago
- Virtualization detection through speculative execution PoCs and papers ☆69 · May 22, 2018 · Updated 7 years ago
- The Kernel-Mode Winsock library, supporting TCP, UDP and Unix sockets (DGRAM and STREAM). ☆275 · Jan 27, 2025 · Updated last year
- 🪝 Various EPT hook detection approaches ☆143 · Jul 29, 2025 · Updated 6 months ago
- Resolve DOS MZ executable symbols at runtime ☆96 · Nov 12, 2021 · Updated 4 years ago
- A VMBR (Virtual-Machine Based Rootkit) which runs a guest OS and sends the attacker its data ☆28 · Apr 27, 2024 · Updated last year
- Data and structures regarding the research done on WdFilter ☆12 · Apr 15, 2020 · Updated 5 years ago
- Windows kernel-mode driver Allocator for Rust ☆11 · Oct 8, 2018 · Updated 7 years ago
- reveal and detect common hooks under win32 ☆13 · Sep 23, 2020 · Updated 5 years ago