An example code of CiGetCertPublisherName
☆16Mar 24, 2022Updated 3 years ago
Alternatives and similar repositories for CiGetCertPublisherName
Users that are interested in CiGetCertPublisherName are comparing it to the libraries listed below
Sorting:
- Custom KiSystemStartup, can be used to modificate kernel before boot.☆53Apr 7, 2022Updated 3 years ago
- Detect removed thread from PspCidTable.☆75Mar 18, 2022Updated 3 years ago
- collection of code snippets,windbg,python scripts and resources☆13Jul 11, 2022Updated 3 years ago
- Experiment to use sections as User/Kernelmode comm vector☆22Apr 7, 2023Updated 2 years ago
- Simple Demo of using Windows Hypervisor Platform☆29Jul 14, 2025Updated 7 months ago
- ☆51Jan 9, 2021Updated 5 years ago
- A way to detect DBI frameworks, Debuggers and VMs.☆24Nov 17, 2020Updated 5 years ago
- ☆34Apr 11, 2023Updated 2 years ago
- ☆17Oct 31, 2022Updated 3 years ago
- Illustrates the concept of return address spoofing, and how it is used.☆14May 13, 2020Updated 5 years ago
- clearing traces of a loaded driver☆47Jul 2, 2022Updated 3 years ago
- Kernel driver for detecting Intel VT-x hypervisors.☆197Jul 11, 2023Updated 2 years ago
- A simple x86_64 AMD-v hypervisor type-2 Programmed with C++, with soon to be added syscall hooks. [W.I.P]☆104Aug 3, 2023Updated 2 years ago
- ☆68Dec 17, 2020Updated 5 years ago
- ☆36Jun 20, 2022Updated 3 years ago
- Mapping your code on a 0x1000 size page☆71May 20, 2022Updated 3 years ago
- Generate Code-Signing Certificates by clicking only one button.☆32Jan 26, 2019Updated 7 years ago
- A C++ syscall ID extractor for Windows. Developed, debugged and tested on 20H2.☆21May 25, 2021Updated 4 years ago
- Hijack NotifyRoutine for a kernelmode thread☆41Jun 4, 2022Updated 3 years ago
- Using the peculiar behaviour of the VPGATHER instructions to determine if an address will fault before it is truly accessed. All done in …☆55Dec 30, 2025Updated 2 months ago
- base for testing☆187Sep 28, 2024Updated last year
- a simple intel vt code both support x86 & x64. PatchGuard monitor.☆77Oct 28, 2021Updated 4 years ago
- Detect-KeAttachProcess by iterating through all processes as well as checking the context of the thread.☆121Feb 8, 2022Updated 4 years ago
- Use ci.dll API for validating Authenticode signature of files☆167Mar 28, 2022Updated 3 years ago
- A simple way to spoof return addresses using an exception handler☆44Aug 3, 2022Updated 3 years ago
- Helper functions for calculating the authenticode digest for a portable executable file☆21Apr 30, 2020Updated 5 years ago
- search for a driver/dll module that has a wanted section bigger than the size of your image☆21Aug 14, 2021Updated 4 years ago
- Bypassing kernel patch protection runtime☆22Feb 19, 2023Updated 3 years ago
- A virtualization-based endpoint security solution for Windows☆88May 23, 2021Updated 4 years ago
- PsSetCreateProcessNotifyRoutine/Ex/Ex2 hook☆12May 30, 2024Updated last year
- x86_64, PE32+, FAT32 bootloader��☆28Jul 4, 2021Updated 4 years ago
- Virtualization detection through speculative execution PoCs and papers☆69May 22, 2018Updated 7 years ago
- 🪝 Various EPT hook detection approaches☆143Feb 22, 2026Updated 2 weeks ago
- Resolve DOS MZ executable symbols at runtime☆96Nov 12, 2021Updated 4 years ago
- The Kernel-Mode Winsock library, supporting TCP, UDP and Unix sockets (DGRAM and STREAM).☆288Jan 27, 2025Updated last year
- A VMBR (Virtual-Machine Based Rootkit) which runs a guest OS and sends the attacker its data☆28Apr 27, 2024Updated last year
- ☆12Jul 12, 2022Updated 3 years ago
- CryptoNet protects your Unreal Engine 4 game against network-based hacks, by encrypting replication!☆11Oct 22, 2021Updated 4 years ago
- ASM Bootkit that patches DSE at boot allowing to load unsigned drivers☆15Aug 24, 2025Updated 6 months ago