pTerrance / alpc-km-umLinks
POC usermode <=> kernel communication via ALPC.
☆65Updated last year
Alternatives and similar repositories for alpc-km-um
Users that are interested in alpc-km-um are comparing it to the libraries listed below
Sorting:
- ☆63Updated 3 years ago
- A basic demonstration of directly overwriting paging structures for physical memory r/w and interprocess memory copy☆98Updated 2 years ago
- ☆72Updated 3 years ago
- 将驱动映射到会话空间☆38Updated 3 years ago
- ☆35Updated 3 years ago
- UM-KM Communication using registry callbacks☆40Updated 5 years ago
- Old project (2020) reformed. Modifies gRT->GetVariable sub function from EFI_APPLICATION. Tested on Win10 22H2 (AMD).☆55Updated last year
- Old way for blocking NMI interrupts☆27Updated 3 years ago
- Windows Kernel Misc☆24Updated 2 years ago
- ☆48Updated 3 years ago
- ☆70Updated 4 years ago
- ☆26Updated this week
- clearing traces of a loaded driver☆47Updated 3 years ago
- Mapping your code on a 0x1000 size page☆71Updated 3 years ago
- ☆51Updated 2 years ago
- page table manipulation to gain physical r/w☆42Updated last year
- ☆22Updated 3 years ago
- Windows x64 DLL/Driver manual map injection on a non-present PML4E using physical memory read/writes, direct page table manipulation and …☆72Updated 2 months ago
- ☆33Updated 2 years ago
- Secure Hyper-Visor Injector for Easy Anti Cheat, Battleye | that supports amd + intel | Undetected + Active updates☆24Updated 2 years ago
- Discarded Section Manual Map☆68Updated 5 years ago
- just proof of concept. hooking MmCopyMemory PG safe.☆77Updated 2 years ago
- ☆43Updated 4 years ago
- ☆48Updated 3 years ago
- A intel hypervisor, implementing many virtualization techniques☆51Updated 2 years ago
- detect hypervisor with Nmi Callback☆41Updated 3 years ago
- Allows for same-file KernelMode function execution using Encrypted addresses of Functions☆49Updated 2 months ago
- ☆48Updated 5 years ago
- ☆13Updated 2 years ago
- Windows X64 mode use seh in manual mapped dll or manual mapped sys☆76Updated 3 years ago