patrickcjk / notify-routine-pocLinks
PsSetCreateProcessNotifyRoutine bypass proof-of-concept for manual mapped drivers
☆31Updated 3 years ago
Alternatives and similar repositories for notify-routine-poc
Users that are interested in notify-routine-poc are comparing it to the libraries listed below
Sorting:
- ☆74Updated 2 years ago
- ☆25Updated last year
- UM-KM Communication using registry callbacks☆39Updated 5 years ago
- Old way for blocking NMI interrupts☆26Updated 2 years ago
- ☆31Updated 3 years ago
- Mapping your code on a 0x1000 size page☆72Updated 3 years ago
- Hiding a system thread against conventional means of detection☆40Updated 4 years ago
- ☆36Updated 5 years ago
- Register a callback in Kernel from a manually mapped driver☆41Updated 4 years ago
- 将驱动映射到会话空间☆35Updated 2 years ago
- ☆42Updated 3 years ago
- ☆46Updated 3 years ago
- detect hypervisor with Nmi Callback☆39Updated 2 years ago
- ☆47Updated 4 years ago
- Discarded Section Manual Map☆68Updated 5 years ago
- A method to Disable DSE using .data ptr hooks☆32Updated last year
- A Simple Example☆21Updated 6 years ago
- A wrapper class to hide the original calling address of a function☆57Updated 4 years ago
- ☆26Updated last year
- POC Hook of nt!HvcallCodeVa☆52Updated 2 years ago
- ☆30Updated 9 months ago
- Detect removed thread from PspCidTable.☆72Updated 3 years ago
- ☆53Updated 2 years ago
- ☆21Updated 3 years ago
- Hiding the window from screenshots using the function win32kfull::ChangeWindowTreeProtection☆11Updated 3 years ago
- Modmap updated to work on Windows 11☆28Updated 3 years ago
- clearing traces of a loaded driver☆47Updated 2 years ago
- A poc that abuses Enclave☆38Updated 2 years ago
- Windows Kernel nt files - To research windows kernel☆16Updated 4 years ago
- ☆50Updated last year