kkent030315 / EvilHooker

Related projects ⓘ

Alternatives and complementary repositories for EvilHooker

• kkent030315 / ProcessVmAccess
  Two PoC of accessing process virtual memory via NT Kernel
  ☆24Updated 3 years ago
• crvvdev / intraceptor
  Intraceptor intercept Windows NT API calls and redirect them to a kernel driver to bypass process/threads handle protections.
  ☆27Updated 2 years ago
• ByteWhite1x1 / PatchGuardResearch
  Bypassing kernel patch protection runtime
  ☆19Updated last year
• Ahora57 / Unabomber
  Improved VMP Idea(detect anti-anti-debug tools by bug)
  ☆40Updated last year
• rbapat / KernelInjector
  Stealthy Injector that leverages a vulnerable driver and other exploits to remain undetected
  ☆37Updated 5 years ago
• kkent030315 / anyvtop
  x64 Windows implementation of virtual-address to physical-address translation
  ☆41Updated 3 years ago
• kkent030315 / kernel_callbacks
  Bypasses for Windows kernel callbacks PatchGuard protection
  ☆42Updated 3 years ago
• m-odern / focus-theme-for-ida-pro-7.6
  ☆30Updated 2 years ago
• helloobaby / Nmi-Callback
  detect hypervisor with Nmi Callback
  ☆34Updated 2 years ago
• i32-Sudo / EfiGuardUsermodeLoader
  This is an EfiGuard BootLoader that can boot EfiGuard from Usermode with no USB or Setup as a Single Executable with automatic File Dumpi…
  ☆31Updated 2 months ago
• gmh5225 / FakeEnclave
  A poc that abuses Enclave
  ☆36Updated 2 years ago
• nelfo / PGHooker
  PAGE_GUARD based hooking library
  ☆40Updated 2 years ago
• BerkanYildiz / EasyNT
  Simplifies the Windows Kernel APIs by making the existing function easier to use, and extends them by creating functions that could possi…
  ☆26Updated 3 months ago
• SamuelTulach / GetDeviceInterfacesMemoryLeak
  Small memory leak PoC that is happening in IopGetDeviceInterfaces
  ☆23Updated 4 years ago
• zer0condition / CritBSOD
  Abusing RtlAdjustPrivilege and NtSetInformationProcess to cause a BSOD from usermode
  ☆15Updated 2 years ago
• kkent030315 / libinject
  A dll injector static library for Win x64 processes with handle elevation supported
  ☆12Updated 3 years ago
• kkent030315 / anyelevate
  x64 Windows privilege elevation using anycall
  ☆20Updated 3 years ago
• POPFD / HypervisorBase
  A library for intel VT-x hypervisor functionality supporting EPT shadowing.
  ☆48Updated 3 years ago
• KiFilterFiberContext / BadlionLogger
  kernel driver used to monitor the activity of BadlionAnticheat.sys by patching its IAT
  ☆32Updated 3 years ago
• Nitr0-G / PeVisor
  A project on the Unicorn emulator to emulate the code of Pe files in windows
  ☆19Updated 2 months ago
• h4xu3lyn / FuckPg
  Analysing and defeating PatchGuard universally
  ☆34Updated 4 years ago
• MellowNight / IOCTL-hook
  realExtern.sys driver
  ☆65Updated 4 years ago
• namazso / SaferIO
  A slightly safer io access library
  ☆12Updated 3 years ago
• NtKernelMC / MemoryGuard
  Memory Guard Library
  ☆11Updated 4 years ago
• UCFoxi / NotifyRoutineHijackThread
  Hijack NotifyRoutine for a kernelmode thread
  ☆41Updated 2 years ago
• Midi12 / drv-loader
  Simple driver loader for windows
  ☆18Updated 4 years ago
• namazso / simplerw
  a dumb rpm/wpm example driver
  ☆14Updated 3 years ago
• xu-Wan / HypercallPageHook
  POC Hook of nt!HvcallCodeVa
  ☆50Updated last year