Ghetto user mode emulation of Windows kernel drivers.
☆163Oct 20, 2024Updated last year
Alternatives and similar repositories for driver_unpacking
Users that are interested in driver_unpacking are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- more at http://www.zer0mem.sk/?p=271☆12Jun 11, 2013Updated 13 years ago
- Kernel driver for detecting Intel VT-x hypervisors.☆202Jul 11, 2023Updated 2 years ago
- Native code virtualizer for x64 binaries☆533Dec 20, 2024Updated last year
- ☆14Jan 10, 2017Updated 9 years ago
- Hooking SSDT with Avast Internet Security Hypervisor☆115Apr 6, 2019Updated 7 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Emulate Drivers in RING3 with self context mapping or unicorn☆371Aug 18, 2022Updated 3 years ago
- An easy-to-use library for emulating memory dumps. Useful for malware analysis (config extraction, unpacking) and dynamic analysis in gen…☆870Feb 2, 2024Updated 2 years ago
- Easy Anti PatchGuard☆221Apr 9, 2021Updated 5 years ago
- This program remaps its image to prevent the page protection of pages contained in the image from being modified via NtProtectVirtualMemo…☆631Mar 19, 2019Updated 7 years ago
- The Grimoire Hypervisor solution for x86 Processors with experimental nested virtualization support. Remastering with Rust in progress.☆639Jun 21, 2026Updated last week
- Fix VMProtect 3.xx (tested 3.0.9 to 3.5.0)☆18Feb 1, 2022Updated 4 years ago
- Deobfuscation via optimization with usage of LLVM IR and parsing assembly.☆842May 8, 2026Updated last month
- x86-64 code/pe virtualizer☆213Dec 2, 2024Updated last year
- Experiment building lifting-bits dependencies with pure CMake. Migrated to:☆22Oct 8, 2024Updated last year
- Open source password manager - Proton Pass • AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- ☆23May 8, 2023Updated 3 years ago
- RunPE dump - I wrote this to have better control over the analysis of malwares. I can stop and analysis malware when it uses some of the …☆10Jul 1, 2015Updated 11 years ago
- Hooking Windows' exception dispatcher to protect process's PML4☆257Jan 24, 2025Updated last year
- Easily search LLVM headers for all major versions!☆19Sep 14, 2025Updated 9 months ago
- Hex-Rays microcode plugin for automated simplification of Windows Kernel decompilation.☆675Jan 28, 2025Updated last year
- A library for intel VT-x hypervisor functionality supporting EPT shadowing.☆52Mar 11, 2021Updated 5 years ago
- This is a ring -1 header framework in order to simplify the creation of hypervisors on SVM☆30Nov 6, 2023Updated 2 years ago
- Collection of Cheat dumps for Research and Detection.☆16Jan 4, 2026Updated 6 months ago
- PE (and elf now!) bin2bin obfuscator☆847Oct 11, 2025Updated 8 months ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Unicorn PE is an unicorn based instrumentation project designed to emulate code execution for windows PE files.☆923Dec 29, 2025Updated 6 months ago
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard☆269Aug 31, 2022Updated 3 years ago
- ☆11Jul 12, 2022Updated 3 years ago
- c++ implementation of windows heavens gate☆70Feb 12, 2021Updated 5 years ago
- 🪝 Various EPT hook detection approaches☆157Feb 22, 2026Updated 4 months ago
- x64 Windows kernel code execution via user-mode, arbitrary syscall, vulnerable IOCTLs demonstration☆406Jul 6, 2022Updated 3 years ago
- The research UEFI hypervisor that supports booting an operating system.☆745Aug 15, 2024Updated last year
- base for testing☆193Sep 28, 2024Updated last year
- Browse Page Tables on Windows (Page Table Viewer)☆241Apr 2, 2022Updated 4 years ago
- Deploy open-source AI quickly and easily - Special Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- ☆101Oct 6, 2017Updated 8 years ago
- Static deobfuscator for Themida, WinLicense and Code Virtualizer 3.x's mutation-based obfuscation.☆362Jul 29, 2024Updated last year
- Experimental disassembler for x86 binaries virtualized by VMProtect 3☆96Aug 27, 2022Updated 3 years ago
- Minimalistic AMD-V/SVM hypervisor with memory introspection capabilities☆420Feb 26, 2025Updated last year
- A minimalistic educational hypervisor for Windows on AMD processors.☆607Mar 3, 2025Updated last year
- Defeating Patchguard universally for Windows 8, Windows 8.1 and all versions of Windows 10 regardless of HVCI.☆910Nov 21, 2019Updated 6 years ago
- Internals information about Hyper-V☆742May 6, 2026Updated last month