patrickcjk / notify-routine-poc
PsSetCreateProcessNotifyRoutine bypass proof-of-concept for manual mapped drivers
☆31Updated 3 years ago
Related projects ⓘ
Alternatives and complementary repositories for notify-routine-poc
- Mapping your code on a 0x1000 size page☆69Updated 2 years ago
- UM-KM Communication using registry callbacks☆39Updated 4 years ago
- ☆41Updated 3 years ago
- 将驱动映射到会话空间☆33Updated 2 years ago
- Old way for blocking NMI interrupts☆25Updated 2 years ago
- ☆28Updated last year
- Hiding a system thread against conventional means of detection☆35Updated 4 years ago
- ☆49Updated 2 years ago
- ☆43Updated 3 years ago
- Discarded Section Manual Map☆66Updated 4 years ago
- Register a callback in Kernel from a manually mapped driver☆37Updated 3 years ago
- ☆33Updated 4 years ago
- detect hypervisor with Nmi Callback☆34Updated 2 years ago
- search for a driver/dll module that has a wanted section bigger than the size of your image☆20Updated 3 years ago
- x64 manual mapper using inline syscalls☆5Updated 3 years ago
- page table manipulation to gain physical r/w☆38Updated 6 months ago
- ☆50Updated 11 months ago
- ☆44Updated 2 years ago
- Handling C++ & __try exceptions without the need of built-in handlers.☆65Updated 3 years ago
- kinda custom data ptr swap communication method☆23Updated last year
- ☆78Updated 3 years ago
- ☆18Updated 2 years ago
- A poc that abuses Enclave☆36Updated 2 years ago
- ☆32Updated 2 years ago
- ☆70Updated 2 years ago