kotae4 / ntkernel-dev-notes
☆23Updated 3 years ago
Related projects ⓘ
Alternatives and complementary repositories for ntkernel-dev-notes
- detect hypervisor with Nmi Callback☆34Updated 2 years ago
- POC Hook of nt!HvcallCodeVa☆50Updated last year
- A poc that abuses Enclave☆36Updated 2 years ago
- Hiding a system thread against conventional means of detection☆35Updated 4 years ago
- A library for intel VT-x hypervisor functionality supporting EPT shadowing.☆48Updated 3 years ago
- Binary rewriter for 64-bit PE files.☆43Updated 9 months ago
- ☆30Updated last year
- Hijack NotifyRoutine for a kernelmode thread☆41Updated 2 years ago
- UnknownField is a tool based clang that obfuscating the order of fields to protect your C/C++ game or code.☆44Updated last year
- x64 Windows implementation of virtual-address to physical-address translation☆41Updated 3 years ago
- ☆41Updated 3 years ago
- Handling C++ & __try exceptions without the need of built-in handlers.☆65Updated 3 years ago
- ☆11Updated 2 years ago
- Mapping your code on a 0x1000 size page☆69Updated 2 years ago
- ☆70Updated 2 years ago
- Old way for blocking NMI interrupts☆25Updated 2 years ago
- Create stealthy, inline, EPT-like hooks using SMAP and SMEP☆33Updated last month
- ZeroImport is a lightweight and easy to use C++ library for Windows Kernel Drivers. It allows you to hide any import in your kernel drive…☆46Updated last year
- just proof of concept. hooking MmCopyMemory PG safe.☆63Updated last year
- This driver hooks a device object for ioctl and uses mdls to allocate physical pages and manually injects an entry into a process's page …☆11Updated last year
- ☆25Updated 3 years ago
- Discarded Section Manual Map☆66Updated 4 years ago
- A basic 100 loc CPU emulator using the existing code of ntoskrnl.exe☆69Updated last year
- Windows PDB parser for kernel-mode environment.☆90Updated last year
- ☆18Updated 2 years ago
- A Hyper-V Hacking Framework For Windows 10 x64 (AMD & Intel)☆41Updated last year
- ☆24Updated last year