POC usermode <=> kernel communication via ALPC.
☆72Jun 6, 2024Updated last year
Alternatives and similar repositories for alpc-km-um
Users that are interested in alpc-km-um are comparing it to the libraries listed below
Sorting:
- ☆34Apr 11, 2023Updated 2 years ago
- A simple UM + KM example of how to bypass EAC CR3☆185Oct 13, 2025Updated 4 months ago
- Windows Kernel Misc☆25Sep 3, 2023Updated 2 years ago
- How to use PiDqSerializationWrite. Introduces how to safely read and write from mapped driver☆26May 29, 2023Updated 2 years ago
- 从MmPfnData中枚举进程和页目录基址☆207Aug 18, 2023Updated 2 years ago
- A basic demonstration of directly overwriting paging structures for physical memory r/w and interprocess memory copy☆103Jun 26, 2023Updated 2 years ago
- r/w virtual memory without attach☆219Oct 19, 2023Updated 2 years ago
- Proof of Concept Kernel-User Communication using System Thread.☆14Sep 24, 2023Updated 2 years ago
- ☆183May 20, 2022Updated 3 years ago
- page table manipulation to gain physical r/w☆44May 7, 2024Updated last year
- base for testing☆187Sep 28, 2024Updated last year
- Patches DSE by swapping both data ptrs located in SeValidateImageHeader && SeValidateImageData☆23Feb 9, 2024Updated 2 years ago
- ☆148Jan 24, 2024Updated 2 years ago
- 对Windbg以Exdi模式下调试windows做一些修复☆21Aug 25, 2023Updated 2 years ago
- Unknowncheats Magically Optimized Tidy Mapper using nvaudio☆153Jun 11, 2024Updated last year
- anti cheat drv open source☆19Apr 18, 2024Updated last year
- Execute anything in a legit memory region by attacking a windows driver☆20Aug 20, 2023Updated 2 years ago
- windows kernel pagehook☆42Oct 30, 2022Updated 3 years ago
- ☆63Jul 31, 2022Updated 3 years ago
- Manual mapper that uses PTE manipulation, Virtual Address Descriptor (VAD) manipulation, and forceful memory allocation to hide executabl…☆387Jan 29, 2022Updated 4 years ago
- ☆145Dec 10, 2022Updated 3 years ago
- IO隐藏通信封装☆17May 31, 2021Updated 4 years ago
- ☆223Mar 11, 2023Updated 2 years ago
- ☆158May 21, 2024Updated last year
- A basic 100 loc CPU emulator using the existing code of ntoskrnl.exe☆75Aug 16, 2023Updated 2 years ago
- Recursive and arbitrary code execution at kernel-level without a system thread creation☆159Apr 13, 2023Updated 2 years ago
- Experiment to use sections as User/Kernelmode comm vector☆22Apr 7, 2023Updated 2 years ago
- Calling "own" MouseClassServiceCallback☆76Jul 28, 2022Updated 3 years ago
- Detect removed thread from PspCidTable.☆75Mar 18, 2022Updated 3 years ago
- RWX Section Abusing☆16Nov 19, 2023Updated 2 years ago
- just proof of concept. hooking MmCopyMemory PG safe.☆83Nov 13, 2023Updated 2 years ago
- This is a simple project of a driver + usermode.☆169Jan 31, 2022Updated 4 years ago
- ☆99Oct 6, 2017Updated 8 years ago
- Virtual and physical memory hacking library using gigabyte vulnerable driver☆71Apr 9, 2023Updated 2 years ago
- Archive R/W into any protected process by changing the value of KTHREAD->PreviousMode☆163Jul 31, 2022Updated 3 years ago
- Communicate between user-mode and kernel-mode through a swapped QWORD pointer argument.☆179Feb 9, 2022Updated 4 years ago
- ☆27Jun 24, 2022Updated 3 years ago
- Stealthy UM <-> KM communication system without creating any system threads, permanent hooks, driver objects, section objects or device o…☆379Mar 15, 2024Updated last year
- Kernel DLL Injector using NX Bit Swapping and VAD hide for hiding injected DLL☆219Nov 12, 2020Updated 5 years ago