Alternatives and similar repositories for portable_executable

Users that are interested in portable_executable are comparing it to the libraries listed below

• Oliver-1-1 / DumpDriver
  ☆45Updated last year
• HookR0 / AcDrv
  anti cheat drv open source
  ☆19Updated last year
• SmoLL-iCe / VExDebugger
  A debugger library using VEH.
  ☆68Updated last year
• 1401199262 / HookSwapContext
  ☆34Updated 2 years ago
• helloobaby / Nmi-Callback
  detect hypervisor with Nmi Callback
  ☆42Updated 3 years ago
• emlinhax / tableflipper
  partially disable patchguard up to win11 21H2
  ☆19Updated last year
• Oliver-1-1 / EtwKeyboardDetection
  ☆37Updated last year
• Sentient111 / ClearDriverTraces
  clearing traces of a loaded driver
  ☆47Updated 3 years ago
• YouNeverKnow00 / Disable-nmi-callbacks
  Disable NMI Callbacks with Kernelmode Driver
  ☆18Updated 2 years ago
• misslng / boundcallback
  ☆35Updated 2 years ago
• 1401199262 / NMIStackWalk
  ☆73Updated 3 years ago
• stuxnet147 / Win-Kernel-PiDqSerializationWrite-Example
  How to use PiDqSerializationWrite. Introduces how to safely read and write from mapped driver
  ☆25Updated 2 years ago
• ch4ncellor / Inline-PatchFinder
  comparing data of module exports from disk and memory, then caching any differences.
  ☆26Updated 4 years ago
• ExpLife0011 / KeUserModeCallBack
  A Simple Example
  ☆23Updated 7 years ago
• rogxo / DisableDSE
  A method to Disable DSE using .data ptr hooks
  ☆38Updated last year
• ekknod / Nmi
  Old way for blocking NMI interrupts
  ☆29Updated 3 years ago
• stuxnet147 / luna-1
  ☆17Updated 5 years ago
• vasie1337 / sharedsection-driver
  driver that communicates using a shared section
  ☆83Updated 10 months ago
• BeneficialCode / KReClassEx
  Kernel ReClassEx
  ☆66Updated 2 years ago
• weak1337 / CEDetector
  ☆47Updated 3 years ago
• Sinclairq / tp-emulator
  A basic 100 loc CPU emulator using the existing code of ntoskrnl.exe
  ☆75Updated 2 years ago
• asteria121 / HalPrivateDispatchTableHook
  Hook syscalls from ring0 without triggering PatchGuard
  ☆21Updated 3 months ago
• yuaom / DSEDodge-Signed-Kernel-Driver
  Leveraging Platform Trust Technology (PTT) to defeat Driver Signing Enforcement (DSE) to run Kernel Drivers (KMDF) with Secure Boot Enabl…
  ☆14Updated 3 years ago
• Ahora57 / Unabomber
  Improved VMP Idea(detect anti-anti-debug tools by bug)
  ☆47Updated 2 years ago
• xu-Wan / HypercallPageHook
  POC Hook of nt!HvcallCodeVa
  ☆54Updated 2 years ago
• ThomasonZhao / InfinityHookProMax
  InfinityHookProMax: Make InfinityHook great great again
  ☆51Updated 2 years ago
• BerkanYildiz / LoggerNT
  Logging library for kernel drivers written for the Windows NT operating system.
  ☆21Updated 3 months ago
• busy10 / NoScreen
  Hiding the window from screenshots using the function win32kfull::ChangeWindowTreeProtection
  ☆11Updated 4 years ago
• LowLevelSys / physmem_remapper
  ☆26Updated last month
• Trustings / DMA_PE_Dumper
  DMA PE (Portable Executable) Dumper with DTB patching capabilities.
  ☆51Updated 10 months ago