pTerrance / alpc-km-um
POC usermode <=> kernel communication via ALPC.
☆51Updated 3 months ago
Related projects: ⓘ
- ☆66Updated 2 years ago
- clearing traces of a loaded driver☆45Updated 2 years ago
- Windows Kernel Misc☆22Updated last year
- A basic demonstration of directly overwriting paging structures for physical memory r/w and interprocess memory copy☆75Updated last year
- 将驱动映射到会话空间☆32Updated 2 years ago
- Mapping your code on a 0x1000 size page☆66Updated 2 years ago
- ☆29Updated 11 months ago
- ☆62Updated this week
- ☆31Updated this week
- ☆46Updated last year
- ☆21Updated this week
- Windows kernel drivers simple HTTP library for modern C++☆39Updated 6 years ago
- ☆50Updated this week
- A method to Disable DSE using .data ptr hooks☆23Updated 7 months ago
- Windows X64 mode use seh in manual mapped dll or manual mapped sys☆63Updated last year
- ☆23Updated this week
- ☆40Updated 2 years ago
- ☆48Updated 9 months ago
- ☆44Updated 2 years ago
- Hiding a system thread against conventional means of detection☆34Updated 3 years ago
- ☆46Updated last year
- detect hypervisor with Nmi Callback☆32Updated last year
- page table manipulation to gain physical r/w☆38Updated 4 months ago
- A simple ida python script to find .data ptr☆44Updated last year
- A series of methods used to detect kernel shellcode for tencent game safe race 2024☆28Updated 4 months ago
- ☆13Updated this week
- UM-KM Communication using registry callbacks☆35Updated 4 years ago
- ☆35Updated 2 months ago
- ☆42Updated 3 years ago
- ☆46Updated 2 years ago