pTerrance / alpc-km-umView external linksLinks
POC usermode <=> kernel communication via ALPC.
☆70Jun 6, 2024Updated last year
Alternatives and similar repositories for alpc-km-um
Users that are interested in alpc-km-um are comparing it to the libraries listed below
Sorting:
- ☆34Apr 11, 2023Updated 2 years ago
- A simple UM + KM example of how to bypass EAC CR3☆183Oct 13, 2025Updated 4 months ago
- Windows Kernel Misc☆25Sep 3, 2023Updated 2 years ago
- How to use PiDqSerializationWrite. Introduces how to safely read and write from mapped driver☆26May 29, 2023Updated 2 years ago
- 从MmPfnData中枚举进程和页目录基址☆205Aug 18, 2023Updated 2 years ago
- A basic demonstration of directly overwriting paging structures for physical memory r/w and interprocess memory copy☆103Jun 26, 2023Updated 2 years ago
- r/w virtual memory without attach☆216Oct 19, 2023Updated 2 years ago
- Proof of Concept Kernel-User Communication using System Thread.☆14Sep 24, 2023Updated 2 years ago
- ☆184May 20, 2022Updated 3 years ago
- page table manipulation to gain physical r/w☆43May 7, 2024Updated last year
- base for testing☆186Sep 28, 2024Updated last year
- Patches DSE by swapping both data ptrs located in SeValidateImageHeader && SeValidateImageData☆22Feb 9, 2024Updated 2 years ago
- Unknowncheats Magically Optimized Tidy Mapper using nvaudio☆150Jun 11, 2024Updated last year
- ☆148Jan 24, 2024Updated 2 years ago
- 对Windbg以Exdi模式下调试windows做一些修复☆21Aug 25, 2023Updated 2 years ago
- Execute anything in a legit memory region by attacking a windows driver☆19Aug 20, 2023Updated 2 years ago
- anti cheat drv open source☆19Apr 18, 2024Updated last year
- windows kernel pagehook☆41Oct 30, 2022Updated 3 years ago
- ☆64Jul 31, 2022Updated 3 years ago
- Manual mapper that uses PTE manipulation, Virtual Address Descriptor (VAD) manipulation, and forceful memory allocation to hide executabl…☆382Jan 29, 2022Updated 4 years ago
- ☆144Dec 10, 2022Updated 3 years ago
- IO隐藏通信封装☆17May 31, 2021Updated 4 years ago
- ☆223Mar 11, 2023Updated 2 years ago
- ☆159May 21, 2024Updated last year
- A basic 100 loc CPU emulator using the existing code of ntoskrnl.exe☆75Aug 16, 2023Updated 2 years ago
- Recursive and arbitrary code execution at kernel-level without a system thread creation☆159Apr 13, 2023Updated 2 years ago
- Experiment to use sections as User/Kernelmode comm vector☆22Apr 7, 2023Updated 2 years ago
- Calling "own" MouseClassServiceCallback☆76Jul 28, 2022Updated 3 years ago
- Detect removed thread from PspCidTable.☆75Mar 18, 2022Updated 3 years ago
- RWX Section Abusing☆16Nov 19, 2023Updated 2 years ago
- just proof of concept. hooking MmCopyMemory PG safe.☆82Nov 13, 2023Updated 2 years ago
- This is a simple project of a driver + usermode.☆169Jan 31, 2022Updated 4 years ago
- ☆99Oct 6, 2017Updated 8 years ago
- Virtual and physical memory hacking library using gigabyte vulnerable driver☆71Apr 9, 2023Updated 2 years ago
- Archive R/W into any protected process by changing the value of KTHREAD->PreviousMode☆163Jul 31, 2022Updated 3 years ago
- Communicate between user-mode and kernel-mode through a swapped QWORD pointer argument.☆174Feb 9, 2022Updated 4 years ago
- Cheat for my own game SecureGame which uses a bootkit to hyperjack Hyper-V in order to access VBS enclave's memory☆103Dec 8, 2024Updated last year
- Stealthy UM <-> KM communication system without creating any system threads, permanent hooks, driver objects, section objects or device o…☆376Mar 15, 2024Updated last year
- ☆27Jun 24, 2022Updated 3 years ago