li4321 / GhostInjector
☆44Updated last month
Alternatives and similar repositories for GhostInjector:
Users that are interested in GhostInjector are comparing it to the libraries listed below
- ntoskrnl .data hooks for UM-KM communication☆37Updated 9 months ago
- Freeze target threads (external - internal ) by avoiding SuspendThread detections. Or access registers from start address.☆32Updated last year
- DSE & PG bypass via BYOVD attack☆43Updated 11 months ago
- WinApi Patcher is a straightforward tool leveraging windows API hooking to patch and modify certain behaviors in a targeted environment.☆41Updated 6 months ago
- ☆73Updated 11 months ago
- ZeroImport is a lightweight and easy to use C++ library for Windows Kernel Drivers. It allows you to hide any import in your kernel drive…☆48Updated 2 years ago
- Experiment with PAGE_GUARD protection to hide memory from other processes☆44Updated 9 months ago
- Translate virtual addresses to physical addresses from usermode.☆36Updated 9 months ago
- POC Hook of nt!HvcallCodeVa☆50Updated last year
- Hooking Windows' exception dispatcher to protect process's PML4☆155Updated 2 months ago
- Kernel Level NMI Callback Blocker☆74Updated 6 months ago
- Compileable POC of namazso's x64 return address spoofer.☆51Updated 4 years ago
- EFI bootkit for loading unsigned drivers☆17Updated 8 months ago
- ☆29Updated 5 months ago
- Allows for same-file KernelMode function execution using Encrypted addresses of Functions☆30Updated 5 months ago
- nmi stackwalking + module verification☆107Updated last year
- Tool to dump EFI runtime drivers.☆35Updated last year
- Demystifying PatchGuard is a comprehensive analysis of Microsoft's security feature called PatchGuard, which is designed to prevent unaut…☆117Updated last year
- C/C++ antidebugging library for Windows☆17Updated 2 months ago
- Kernel<->Usermode shared memory communcation using manually mapped driver☆14Updated 3 years ago
- PoC kernel to usermode injection☆79Updated last year
- A windows kernel mode driver that spoofs serial numbers when mapped and executes a malicious payload (FULLY from kernel!!!)☆32Updated 5 months ago
- Spoof the return address of any function call.☆9Updated 8 months ago
- using wnbios64.sys for arbitrary r/w☆13Updated 10 months ago
- This is an EfiGuard BootLoader that can boot EfiGuard from Usermode with no USB or Setup as a Single Executable with automatic File Dumpi…☆47Updated 6 months ago
- The sequel to Voyager☆40Updated 7 months ago
- Library to manipulate drivers that expose a physical memory read/write primitive.☆24Updated last year
- Makes IDA (most versions) to crash upon opening it.☆82Updated 6 months ago
- Virtual and physical memory hacking library using gigabyte vulnerable driver☆71Updated last year
- My EAC & BE Rady CR3 Reading & Writing source that I use for my KM Drivers.☆59Updated 6 months ago