mrexodia / MBRLinks
EDR PoC WIP LLC
☆11Updated last year
Alternatives and similar repositories for MBR
Users that are interested in MBR are comparing it to the libraries listed below
Sorting:
- A demonstration of hooking into the VMProtect-2 virtual machine☆19Updated last year
- This is a ring -1 header framework in order to simplify the creation of hypervisors on SVM☆22Updated last year
- ☆27Updated last year
- Fix VMProtect 3.xx (tested 3.0.9 to 3.5.0)☆17Updated 3 years ago
- An example code of CiGetCertPublisherName☆16Updated 3 years ago
- ☆15Updated 2 years ago
- Elevate arbitrary MSR writes to kernel execution.☆36Updated last year
- idashare is an IDA Pro plugin that allows you to quickly share the currently loaded binary and IDA database over a local HTTP server with…☆10Updated 2 months ago
- ☆22Updated last year
- How Meltdown and Spectre haunt Anti-Cheat: DVRT details☆21Updated 9 months ago
- Single header library to simplify the usage of direct syscalls. x64/x86☆11Updated 2 years ago
- Sample/PoC Windows kernel driver for detect DMA devices by using Vendor ID and Device ID signatures☆34Updated 8 months ago
- x86-64 Automated test data generator☆22Updated 4 months ago
- ☆22Updated 2 years ago
- Bypassing kernel patch protection runtime☆20Updated 2 years ago
- Symbolic Execution based on lifting amd64 to z3☆27Updated 11 months ago
- Experiment building lifting-bits dependencies with pure CMake. Migrated to:☆22Updated 7 months ago
- Windows driver template, using C++20 & cmake & GithubActions☆22Updated 9 months ago
- FastSymApi - A Fast API PDB Symbol Cache Server that efficiently caches and compresses PDBs on disk for quick and repeated retrieval.☆19Updated 7 months ago
- A library for intel VT-x hypervisor functionality supporting EPT shadowing.☆50Updated 4 years ago
- XOrCryptEx lightweight C Utility/Algorithm☆11Updated 3 years ago
- Walks the Process' VAD list to grab the PTE's corresponding to a usermode virtual address, all to get the physical address☆24Updated 3 years ago
- x64 assembler library☆31Updated 11 months ago
- UnknownField is a tool based clang that obfuscating the order of fields to protect your C/C++ game or code.☆44Updated 2 years ago
- ☆14Updated 4 years ago
- Intraceptor intercept Windows NT API calls and redirect them to a kernel driver to bypass process/threads handle protections.☆29Updated 3 years ago
- Abusing RtlAdjustPrivilege and NtSetInformationProcess to cause a BSOD from usermode☆17Updated 2 years ago
- Hijack NotifyRoutine for a kernelmode thread☆42Updated 2 years ago
- ☆30Updated 2 years ago
- Windows kernel driver template for cmkr and llvm-msvc.☆34Updated last year