mrexodia / MBRLinks
EDR PoC WIP LLC
☆11Updated last year
Alternatives and similar repositories for MBR
Users that are interested in MBR are comparing it to the libraries listed below
Sorting:
- A demonstration of hooking into the VMProtect-2 virtual machine☆20Updated last year
- Bypassing kernel patch protection runtime☆20Updated 2 years ago
- Elevate arbitrary MSR writes to kernel execution.☆36Updated last year
- How Meltdown and Spectre haunt Anti-Cheat: DVRT details☆21Updated 10 months ago
- ☆23Updated last year
- ☆15Updated 2 years ago
- A driver to implement IOCTL hooking☆24Updated 3 years ago
- XOrCryptEx lightweight C Utility/Algorithm☆11Updated 3 years ago
- UnknownField is a tool based clang that obfuscating the order of fields to protect your C/C++ game or code.☆44Updated 2 years ago
- Windows driver template, using C++20 & cmake & GithubActions☆22Updated 10 months ago
- Sample/PoC Windows kernel driver for detect DMA devices by using Vendor ID and Device ID signatures☆36Updated 9 months ago
- WinHvShellcodeEmulator (WHSE) is a shellcode emulator leveraging the Windows Hypervisor Platform API☆23Updated 3 years ago
- Hijack NotifyRoutine for a kernelmode thread☆42Updated 3 years ago
- Walks the Process' VAD list to grab the PTE's corresponding to a usermode virtual address, all to get the physical address☆24Updated 3 years ago
- ☆29Updated 3 years ago
- ☆27Updated last year
- idashare is an IDA Pro plugin that allows you to quickly share the currently loaded binary and IDA database over a local HTTP server with…☆10Updated 2 months ago
- x86-64 Automated test data generator☆22Updated 5 months ago
- Some drivers I've written while solving exercises from Practical Reverse Engineering☆15Updated 3 years ago
- C/C++ antidebugging library for Windows☆22Updated 5 months ago
- This is a ring -1 header framework in order to simplify the creation of hypervisors on SVM☆23Updated last year
- Windows Minidump loader for Ghidra☆29Updated 2 years ago
- FastSymApi - A Fast API PDB Symbol Cache Server that efficiently caches and compresses PDBs on disk for quick and repeated retrieval.☆19Updated 8 months ago
- Shh0ya Kernel Hook Driver☆23Updated 4 years ago
- Abusing RtlAdjustPrivilege and NtSetInformationProcess to cause a BSOD from usermode☆18Updated 2 years ago
- A Windows API hooking library !☆31Updated 2 years ago
- A thin introspection hypervisor framework that allows for low level resource manipulation.☆13Updated last year
- Just an example of a well-known technique to detect memory tampering via Windows Working Sets.☆16Updated 3 years ago
- A native Windows library for intercepting kernel-to-user transitions using instrumentation callbacks☆20Updated last year
- A packed & protected Module Loader and more, for 64-bit Windows☆29Updated 4 years ago