patrickcjk / notify-routine-poc
PsSetCreateProcessNotifyRoutine bypass proof-of-concept for manual mapped drivers
☆30Updated 3 years ago
Related projects: ⓘ
- Mapping your code on a 0x1000 size page☆66Updated 2 years ago
- ☆42Updated 2 years ago
- search for a driver/dll module that has a wanted section bigger than the size of your image☆21Updated 3 years ago
- Hiding a system thread against conventional means of detection☆34Updated 3 years ago
- UM-KM Communication using registry callbacks☆35Updated 4 years ago
- ☆37Updated this week
- Register a callback in Kernel from a manually mapped driver☆36Updated 3 years ago
- ☆25Updated this week
- ☆40Updated 2 years ago
- 将驱动映射到会话空间☆32Updated 2 years ago
- fecurity executor from factory☆32Updated 2 years ago
- ☆13Updated this week
- ☆17Updated 2 years ago
- Discarded Section Manual Map☆65Updated 4 years ago
- ☆33Updated 4 years ago
- kinda custom data ptr swap communication method☆22Updated last year
- ☆42Updated 3 years ago
- ☆31Updated this week
- A simple MmCopyMemory hook.☆32Updated 2 years ago
- ☆24Updated this week
- ☆41Updated this week
- POC Hook of nt!HvcallCodeVa☆49Updated last year
- ☆46Updated 2 years ago
- ☆29Updated 11 months ago
- Old way for blocking NMI interrupts☆25Updated 2 years ago
- ☆48Updated 9 months ago
- A Simple Example☆19Updated 5 years ago
- ☆39Updated this week
- ☆12Updated 2 years ago
- detect hypervisor with Nmi Callback☆32Updated last year