Ghetto user mode emulation of Windows kernel drivers.
☆163Oct 20, 2024Updated last year
Alternatives and similar repositories for driver_unpacking
Users that are interested in driver_unpacking are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- more at http://www.zer0mem.sk/?p=271☆12Jun 11, 2013Updated 13 years ago
- Kernel driver for detecting Intel VT-x hypervisors.☆205Jul 11, 2023Updated 2 years ago
- Native code virtualizer for x64 binaries☆531Dec 20, 2024Updated last year
- ☆14Jan 10, 2017Updated 9 years ago
- Hooking SSDT with Avast Internet Security Hypervisor☆115Apr 6, 2019Updated 7 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Emulate Drivers in RING3 with self context mapping or unicorn☆371Aug 18, 2022Updated 3 years ago
- An easy-to-use library for emulating memory dumps. Useful for malware analysis (config extraction, unpacking) and dynamic analysis in gen…☆866Feb 2, 2024Updated 2 years ago
- Easy Anti PatchGuard☆221Apr 9, 2021Updated 5 years ago
- This program remaps its image to prevent the page protection of pages contained in the image from being modified via NtProtectVirtualMemo…☆632Mar 19, 2019Updated 7 years ago
- The Grimoire Hypervisor solution for x86 Processors with experimental nested virtualization support. Remastering with Rust in progress.☆634May 23, 2026Updated 3 weeks ago
- Fix VMProtect 3.xx (tested 3.0.9 to 3.5.0)☆18Feb 1, 2022Updated 4 years ago
- Deobfuscation via optimization with usage of LLVM IR and parsing assembly.☆840May 8, 2026Updated last month
- x86-64 code/pe virtualizer☆212Dec 2, 2024Updated last year
- Experiment building lifting-bits dependencies with pure CMake. Migrated to:☆22Oct 8, 2024Updated last year
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- ☆23May 8, 2023Updated 3 years ago
- RunPE dump - I wrote this to have better control over the analysis of malwares. I can stop and analysis malware when it uses some of the …☆10Jul 1, 2015Updated 10 years ago
- Hooking Windows' exception dispatcher to protect process's PML4☆256Jan 24, 2025Updated last year
- Easily search LLVM headers for all major versions!☆19Sep 14, 2025Updated 8 months ago
- Hex-Rays microcode plugin for automated simplification of Windows Kernel decompilation.☆673Jan 28, 2025Updated last year
- A library for intel VT-x hypervisor functionality supporting EPT shadowing.☆52Mar 11, 2021Updated 5 years ago
- This is a ring -1 header framework in order to simplify the creation of hypervisors on SVM☆30Nov 6, 2023Updated 2 years ago
- Collection of Cheat dumps for Research and Detection.☆16Jan 4, 2026Updated 5 months ago
- PE (and elf now!) bin2bin obfuscator☆845Oct 11, 2025Updated 8 months ago
- End-to-end encrypted email - Proton Mail • AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- Unicorn PE is an unicorn based instrumentation project designed to emulate code execution for windows PE files.☆920Dec 29, 2025Updated 5 months ago
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard☆272Aug 31, 2022Updated 3 years ago
- ☆11Jul 12, 2022Updated 3 years ago
- c++ implementation of windows heavens gate☆70Feb 12, 2021Updated 5 years ago
- 🪝 Various EPT hook detection approaches☆154Feb 22, 2026Updated 3 months ago
- x64 Windows kernel code execution via user-mode, arbitrary syscall, vulnerable IOCTLs demonstration☆400Jul 6, 2022Updated 3 years ago
- The research UEFI hypervisor that supports booting an operating system.☆743Aug 15, 2024Updated last year
- base for testing☆192Sep 28, 2024Updated last year
- Browse Page Tables on Windows (Page Table Viewer)☆241Apr 2, 2022Updated 4 years ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- ☆101Oct 6, 2017Updated 8 years ago
- Static deobfuscator for Themida, WinLicense and Code Virtualizer 3.x's mutation-based obfuscation.☆355Jul 29, 2024Updated last year
- Experimental disassembler for x86 binaries virtualized by VMProtect 3☆97Aug 27, 2022Updated 3 years ago
- Minimalistic AMD-V/SVM hypervisor with memory introspection capabilities☆416Feb 26, 2025Updated last year
- A minimalistic educational hypervisor for Windows on AMD processors.☆603Mar 3, 2025Updated last year
- Defeating Patchguard universally for Windows 8, Windows 8.1 and all versions of Windows 10 regardless of HVCI.☆909Nov 21, 2019Updated 6 years ago
- Internals information about Hyper-V☆738May 6, 2026Updated last month