Ghetto user mode emulation of Windows kernel drivers.
☆164Oct 20, 2024Updated last year
Alternatives and similar repositories for driver_unpacking
Users that are interested in driver_unpacking are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- more at http://www.zer0mem.sk/?p=271☆12Jun 11, 2013Updated 12 years ago
- Kernel driver for detecting Intel VT-x hypervisors.☆201Jul 11, 2023Updated 2 years ago
- Native code virtualizer for x64 binaries☆522Dec 20, 2024Updated last year
- ☆14Jan 10, 2017Updated 9 years ago
- Hooking SSDT with Avast Internet Security Hypervisor☆116Apr 6, 2019Updated 7 years ago
- Deploy open-source AI quickly and easily - Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- Emulate Drivers in RING3 with self context mapping or unicorn☆366Aug 18, 2022Updated 3 years ago
- An easy-to-use library for emulating memory dumps. Useful for malware analysis (config extraction, unpacking) and dynamic analysis in gen…☆859Feb 2, 2024Updated 2 years ago
- Easy Anti PatchGuard☆222Apr 9, 2021Updated 5 years ago
- This program remaps its image to prevent the page protection of pages contained in the image from being modified via NtProtectVirtualMemo…☆633Mar 19, 2019Updated 7 years ago
- Fix VMProtect 3.xx (tested 3.0.9 to 3.5.0)☆18Feb 1, 2022Updated 4 years ago
- ☆16Oct 7, 2020Updated 5 years ago
- Deobfuscation via optimization with usage of LLVM IR and parsing assembly.☆812Updated this week
- x86-64 code/pe virtualizer☆210Dec 2, 2024Updated last year
- The Grimoire Hypervisor solution for x86 Processors with experimental nested virtualization support. Remastering with Rust in progress.☆622Feb 24, 2026Updated last month
- Wordpress hosting with auto-scaling - Free Trial • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Experiment building lifting-bits dependencies with pure CMake. Migrated to:☆22Oct 8, 2024Updated last year
- ☆23May 8, 2023Updated 2 years ago
- RunPE dump - I wrote this to have better control over the analysis of malwares. I can stop and analysis malware when it uses some of the …☆10Jul 1, 2015Updated 10 years ago
- Hooking Windows' exception dispatcher to protect process's PML4☆239Jan 24, 2025Updated last year
- Easily search LLVM headers for all major versions!☆19Sep 14, 2025Updated 7 months ago
- Hex-Rays microcode plugin for automated simplification of Windows Kernel decompilation.☆662Jan 28, 2025Updated last year
- A library for intel VT-x hypervisor functionality supporting EPT shadowing.☆51Mar 11, 2021Updated 5 years ago
- This is a ring -1 header framework in order to simplify the creation of hypervisors on SVM☆30Nov 6, 2023Updated 2 years ago
- Collection of Cheat dumps for Research and Detection.☆16Jan 4, 2026Updated 3 months ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- PE (and elf now!) bin2bin obfuscator☆837Oct 11, 2025Updated 6 months ago
- Unicorn PE is an unicorn based instrumentation project designed to emulate code execution for windows PE files.☆918Dec 29, 2025Updated 3 months ago
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard☆268Aug 31, 2022Updated 3 years ago
- ☆11Jul 12, 2022Updated 3 years ago
- 🪝 Various EPT hook detection approaches☆144Feb 22, 2026Updated last month
- c++ implementation of windows heavens gate☆71Feb 12, 2021Updated 5 years ago
- The research UEFI hypervisor that supports booting an operating system.☆726Aug 15, 2024Updated last year
- base for testing☆187Sep 28, 2024Updated last year
- Static deobfuscator for Themida, WinLicense and Code Virtualizer 3.x's mutation-based obfuscation.☆342Jul 29, 2024Updated last year
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- Browse Page Tables on Windows (Page Table Viewer)☆238Apr 2, 2022Updated 4 years ago
- ☆99Oct 6, 2017Updated 8 years ago
- Experimental disassembler for x86 binaries virtualized by VMProtect 3☆94Aug 27, 2022Updated 3 years ago
- A minimalistic educational hypervisor for Windows on AMD processors.☆575Mar 3, 2025Updated last year
- x64 Windows kernel code execution via user-mode, arbitrary syscall, vulnerable IOCTLs demonstration☆392Jul 6, 2022Updated 3 years ago
- Defeating Patchguard universally for Windows 8, Windows 8.1 and all versions of Windows 10 regardless of HVCI.☆904Nov 21, 2019Updated 6 years ago
- 🧪 Hypervisor with EPT hooking support.☆332Mar 1, 2026Updated last month