not-wlan / driver-hijack
☆153Updated 5 years ago
Alternatives and similar repositories for driver-hijack:
Users that are interested in driver-hijack are comparing it to the libraries listed below
- Detect-KeAttachProcess by iterating through all processes as well as checking the context of the thread.☆111Updated 3 years ago
- Intercepting DeviceControl via WPP☆131Updated 5 years ago
- Elevate a process to be a protected process☆144Updated 5 years ago
- Hygieia, a vulnerable driver traces scanner written in C++ as an x64 Windows kernel driver.☆142Updated 3 years ago
- manually map driver for a signed driver memory space☆151Updated 4 years ago
- Kernel DLL Injector using NX Bit Swapping and VAD hide for hiding injected DLL☆210Updated 4 years ago
- a more stable & secure read/write virtual memory for kernel mode drivers☆164Updated 5 years ago
- ☆139Updated 4 years ago
- Kernel LdrLoadDll injector☆257Updated 6 years ago
- Hide codes/data in the kernel address space.☆188Updated 3 years ago
- Easy Anti PatchGuard☆215Updated 3 years ago
- Proof of concept on how to bypass some limitations of a manual mapped driver☆168Updated 4 years ago
- Load your driver like win32k.sys☆252Updated 2 years ago
- A mapper that maps shellcode into loaded large page drivers☆262Updated 2 years ago
- x64 Windows kernel driver mapper, inject unsigned driver using anycall☆141Updated last year
- driver mapper / capcom wrapper☆219Updated 5 years ago
- ☆198Updated 2 years ago
- The program draws with win32k gdi functions in the kernel while NtGdiDdDDISubmitCommand is being hooked.☆282Updated 4 years ago
- load unsigned kernel-driver by patching dse in 248 lines☆113Updated last year
- ☆177Updated 3 years ago
- An x64 page table iterator written in C++ as a kernel mode windows driver.☆108Updated 3 years ago
- base for testing☆163Updated 5 months ago
- ☆152Updated 10 months ago
- manual map unsigned driver over signed memory☆186Updated 11 months ago
- Kernel Lazy Importer☆109Updated 11 months ago
- Disable Driver Callbacks☆102Updated 7 years ago
- Using CVE-2023-21768 to manual map kernel mode driver☆183Updated 2 years ago
- Loads a signed kernel driver which allows you to map any driver to kernel mode without any traces of the signed / mapped driver.☆314Updated 3 years ago
- based on https://github.com/secrary/Hooking-via-InstrumentationCallback☆69Updated 5 years ago
- x64 syscall caller in C++.☆87Updated 6 years ago