POC usermode <=> kernel communication via ALPC.
☆72Jun 6, 2024Updated last year
Alternatives and similar repositories for alpc-km-um
Users that are interested in alpc-km-um are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A simple UM + KM example of how to bypass EAC CR3☆188Oct 13, 2025Updated 5 months ago
- ☆34Apr 11, 2023Updated 2 years ago
- Windows Kernel Misc☆25Sep 3, 2023Updated 2 years ago
- How to use PiDqSerializationWrite. Introduces how to safely read and write from mapped driver☆26May 29, 2023Updated 2 years ago
- A basic demonstration of directly overwriting paging structures for physical memory r/w and interprocess memory copy☆103Jun 26, 2023Updated 2 years ago
- NordVPN Special Discount Offer • AdSave on top-rated NordVPN 1 or 2-year plans with secure browsing, privacy protection, and support for for all major platforms.
- 从MmPfnData中枚举进程和页目录基址☆209Aug 18, 2023Updated 2 years ago
- r/w virtual memory without attach☆226Oct 19, 2023Updated 2 years ago
- 对Windbg以Exdi模式下调试windows做一些修复☆21Aug 25, 2023Updated 2 years ago
- Patches DSE by swapping both data ptrs located in SeValidateImageHeader && SeValidateImageData☆24Feb 9, 2024Updated 2 years ago
- Proof of Concept Kernel-User Communication using System Thread.☆14Sep 24, 2023Updated 2 years ago
- Unknowncheats Magically Optimized Tidy Mapper using nvaudio☆154Jun 11, 2024Updated last year
- ☆63Jul 31, 2022Updated 3 years ago
- WinDbg-Samples ExdiGdbSrv fork 修复了一部分Vmware调试的问题☆32Jul 10, 2023Updated 2 years ago
- ☆183May 20, 2022Updated 3 years ago
- Open source password manager - Proton Pass • AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- anti cheat drv open source☆19Apr 18, 2024Updated last year
- ☆158May 21, 2024Updated last year
- base for testing☆188Sep 28, 2024Updated last year
- Execute anything in a legit memory region by attacking a windows driver☆20Aug 20, 2023Updated 2 years ago
- IO隐藏通信封装☆17May 31, 2021Updated 4 years ago
- Discarded Section Manual Map☆70Jun 18, 2020Updated 5 years ago
- page table manipulation to gain physical r/w☆44May 7, 2024Updated last year
- ☆147Jan 24, 2024Updated 2 years ago
- ☆143Dec 10, 2022Updated 3 years ago
- Wordpress hosting with auto-scaling on Cloudways • AdFully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
- Manual mapper that uses PTE manipulation, Virtual Address Descriptor (VAD) manipulation, and forceful memory allocation to hide executabl…☆388Jan 29, 2022Updated 4 years ago
- ☆225Mar 11, 2023Updated 3 years ago
- Recursive and arbitrary code execution at kernel-level without a system thread creation☆159Mar 16, 2026Updated last week
- A basic 100 loc CPU emulator using the existing code of ntoskrnl.exe☆75Aug 16, 2023Updated 2 years ago
- Stealthy UM <-> KM communication system without creating any system threads, permanent hooks, driver objects, section objects or device o…☆381Mar 15, 2024Updated 2 years ago
- Use ntdll/ntoskrnl to implement Kernel32, Advapi32 and other APIs. It includes user-mode and kernel-mode.☆96Aug 26, 2025Updated 7 months ago
- ☆33Mar 3, 2024Updated 2 years ago
- POC Hook of nt!HvcallCodeVa☆54May 8, 2023Updated 2 years ago
- UM-KM Communication using registry callbacks☆39Jun 8, 2020Updated 5 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- driver that communicates using a shared section☆96Mar 17, 2025Updated last year
- Virtual and physical memory hacking library using gigabyte vulnerable driver☆70Mar 16, 2026Updated last week
- Experiment to use sections as User/Kernelmode comm vector☆22Apr 7, 2023Updated 2 years ago
- windows kernel pagehook☆42Oct 30, 2022Updated 3 years ago
- 一个界面基于IMGUI的ARK,目前R3实现☆13Nov 1, 2023Updated 2 years ago
- ☆99Oct 6, 2017Updated 8 years ago
- Rendering on external windows via hijacking thread contexts, with notes on ValidateHwnd☆14Jul 9, 2020Updated 5 years ago