Ghetto user mode emulation of Windows kernel drivers.
☆163Oct 20, 2024Updated last year
Alternatives and similar repositories for driver_unpacking
Users that are interested in driver_unpacking are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- more at http://www.zer0mem.sk/?p=271☆12Jun 11, 2013Updated 12 years ago
- Kernel driver for detecting Intel VT-x hypervisors.☆202Jul 11, 2023Updated 2 years ago
- Native code virtualizer for x64 binaries☆531Dec 20, 2024Updated last year
- ☆14Jan 10, 2017Updated 9 years ago
- Hooking SSDT with Avast Internet Security Hypervisor☆114Apr 6, 2019Updated 7 years ago
- Bare Metal GPUs on DigitalOcean Gradient AI • AdPurpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
- Emulate Drivers in RING3 with self context mapping or unicorn☆369Aug 18, 2022Updated 3 years ago
- An easy-to-use library for emulating memory dumps. Useful for malware analysis (config extraction, unpacking) and dynamic analysis in gen…☆863Feb 2, 2024Updated 2 years ago
- Easy Anti PatchGuard☆221Apr 9, 2021Updated 5 years ago
- This program remaps its image to prevent the page protection of pages contained in the image from being modified via NtProtectVirtualMemo…☆631Mar 19, 2019Updated 7 years ago
- The Grimoire Hypervisor solution for x86 Processors with experimental nested virtualization support. Remastering with Rust in progress.☆631May 9, 2026Updated 2 weeks ago
- Fix VMProtect 3.xx (tested 3.0.9 to 3.5.0)☆18Feb 1, 2022Updated 4 years ago
- Deobfuscation via optimization with usage of LLVM IR and parsing assembly.☆829May 8, 2026Updated 2 weeks ago
- x86-64 code/pe virtualizer☆211Dec 2, 2024Updated last year
- Experiment building lifting-bits dependencies with pure CMake. Migrated to:☆22Oct 8, 2024Updated last year
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- ☆23May 8, 2023Updated 3 years ago
- RunPE dump - I wrote this to have better control over the analysis of malwares. I can stop and analysis malware when it uses some of the …☆10Jul 1, 2015Updated 10 years ago
- Hooking Windows' exception dispatcher to protect process's PML4☆250Jan 24, 2025Updated last year
- Easily search LLVM headers for all major versions!☆19Sep 14, 2025Updated 8 months ago
- Hex-Rays microcode plugin for automated simplification of Windows Kernel decompilation.☆666Jan 28, 2025Updated last year
- A library for intel VT-x hypervisor functionality supporting EPT shadowing.☆52Mar 11, 2021Updated 5 years ago
- This is a ring -1 header framework in order to simplify the creation of hypervisors on SVM☆30Nov 6, 2023Updated 2 years ago
- Collection of Cheat dumps for Research and Detection.☆16Jan 4, 2026Updated 4 months ago
- PE (and elf now!) bin2bin obfuscator☆844Oct 11, 2025Updated 7 months ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Unicorn PE is an unicorn based instrumentation project designed to emulate code execution for windows PE files.☆921Dec 29, 2025Updated 4 months ago
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard☆270Aug 31, 2022Updated 3 years ago
- ☆11Jul 12, 2022Updated 3 years ago
- c++ implementation of windows heavens gate☆70Feb 12, 2021Updated 5 years ago
- 🪝 Various EPT hook detection approaches☆149Feb 22, 2026Updated 3 months ago
- The research UEFI hypervisor that supports booting an operating system.☆739Aug 15, 2024Updated last year
- base for testing☆189Sep 28, 2024Updated last year
- Browse Page Tables on Windows (Page Table Viewer)☆239Apr 2, 2022Updated 4 years ago
- ☆100Oct 6, 2017Updated 8 years ago
- Bare Metal GPUs on DigitalOcean Gradient AI • AdPurpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
- Static deobfuscator for Themida, WinLicense and Code Virtualizer 3.x's mutation-based obfuscation.☆351Jul 29, 2024Updated last year
- Experimental disassembler for x86 binaries virtualized by VMProtect 3☆96Aug 27, 2022Updated 3 years ago
- Minimalistic AMD-V/SVM hypervisor with memory introspection capabilities☆409Feb 26, 2025Updated last year
- x64 Windows kernel code execution via user-mode, arbitrary syscall, vulnerable IOCTLs demonstration☆395Jul 6, 2022Updated 3 years ago
- A minimalistic educational hypervisor for Windows on AMD processors.☆592Mar 3, 2025Updated last year
- Defeating Patchguard universally for Windows 8, Windows 8.1 and all versions of Windows 10 regardless of HVCI.☆906Nov 21, 2019Updated 6 years ago
- 🧪 Hypervisor with EPT hooking support.☆339May 1, 2026Updated 3 weeks ago