not-matthias / kernel-log-rs
A minimalistic logger for Windows Kernel Drivers.
☆20Updated 6 months ago
Related projects: ⓘ
- Rust bindings to the System Informer's (formerly known as Process Hacker) "phnt" native Windows headers☆35Updated this week
- PEIM (UEFI) bootkit targeting OVMF (EDK2)☆33Updated 9 months ago
- C/C++ antidebugging library for 32 and 64 bit processors☆10Updated 2 months ago
- Demonstrate calling a kernel function and handle process creation callback against HVCI☆46Updated last year
- Me fockin' pe protector☆45Updated last year
- A KISS Rust crate to parse Windows kernel crash-dumps created by Windows & its debugger.☆33Updated last month
- ☆56Updated 2 years ago
- A kernel exploit leveraging NtUserHardErrorControl to elevate a thread to KernelMode and achieve arbitrary kernel R/W & more.☆27Updated last year
- ☆13Updated 11 months ago
- ☆17Updated last year
- A years-old exploit of a local EoP vulnerability in Kingsoft Antivirus KWatch Driver version 2009.3.17.77.☆35Updated 2 years ago
- Report and exploit of CVE-2024-21305.☆29Updated 8 months ago
- Rust library for lifting raw binary data to LLVM IR☆37Updated last month
- Example of building an application verifer DLL☆44Updated 3 months ago
- ☆39Updated last year
- devirtualization vmprotect☆59Updated last year
- WinHvShellcodeEmulator (WHSE) is a shellcode emulator leveraging the Windows Hypervisor Platform API☆19Updated 2 years ago
- ☆17Updated 3 years ago
- How Meltdown and Spectre haunt Anti-Cheat: DVRT details☆18Updated 3 weeks ago
- Disassembler for Zeus VM custom instruction set☆20Updated 7 months ago
- An example of how to use Microsoft Windows Warbird technology☆24Updated last year
- A driver to implement IOCTL hooking☆23Updated 2 years ago
- Rust implementation of lazy_importer☆42Updated last year
- Makes IDA (most versions) to crash upon opening it.☆52Updated 2 weeks ago
- A demonstration of hooking into the VMProtect-2 virtual machine☆16Updated 10 months ago
- WslinkVMAnalyzer is a tool to facilitate analysis of code protected by a virtual machine featured in Wslink malware☆45Updated 2 years ago
- arbitrary kernel read/write in dbutil_2_3.sys, Proof of Concept Local Privilege Escalation to nt authority/system☆52Updated 2 years ago
- Extensions for x64dbg written in Rust: Telescope and Unicorn powered disassembly☆23Updated last year
- Provides commands to read from and write to arbitrary kernel-mode memory for users with the Administrator privilege. HVCI compatible. No …☆13Updated 3 months ago
- Helper script for Windows kernel debugging with IDA Pro on VMware + GDB stub (including PDB symbols)☆57Updated last year