Example for PagedOut!
☆26 Oct 22, 2019 Updated 6 years ago
Alternatives and similar repositories for WindowsBypassSMEP
Users that are interested in WindowsBypassSMEP are comparing it to the libraries listed below
- Dangling COM Keys Finder ☆17 Nov 16, 2021 Updated 4 years ago
- ☆12 Feb 4, 2025 Updated last year
- ☆23 May 28, 2021 Updated 4 years ago
- Popular online game helper-tool development tutorial ☆19 May 27, 2021 Updated 4 years ago
- EDR PoC WIP LLC ☆10 Feb 9, 2024 Updated 2 years ago
- ☆30 Oct 13, 2020 Updated 5 years ago
- A Windows kernel driver to block symbolic link exploits used for privilege escalation. ☆15 Jul 30, 2020 Updated 5 years ago
- Ready-to-use headers for Windows Kernel SSDT indices ☆11 Apr 12, 2020 Updated 5 years ago
- ☆40 Nov 5, 2019 Updated 6 years ago
- prebuild angr wheels for Windows on x86_64 ☆15 Jul 21, 2018 Updated 7 years ago
- What makes it page ☆17 Aug 24, 2022 Updated 3 years ago
- ☆12 Oct 9, 2020 Updated 5 years ago
- Source code on the 1.44MB 3.5 floppy accompanying the Windows NT File System Internals book. ☆20 Jul 31, 2019 Updated 6 years ago
- A simple Windows driver that can read and write to process memory from kernel mode ☆11 Aug 31, 2021 Updated 4 years ago
- ☆17 Apr 18, 2023 Updated 2 years ago
- ☆17 Dec 4, 2018 Updated 7 years ago
- An example code of CiGetCertPublisherName ☆16 Mar 24, 2022 Updated 3 years ago
- PE Infector/Cryptor source code ☆16 Apr 30, 2017 Updated 8 years ago
- Implementation of an export address table protection mitigation, like Export Address Filtering (EAF) ☆115 May 21, 2023 Updated 2 years ago
- ☆17 Dec 18, 2022 Updated 3 years ago
- impersonate trustedinstaller by fiddling with tokens ☆17 Aug 30, 2021 Updated 4 years ago
- Windows x64 Process Scanner to detect application compatibility shims ☆37 Oct 17, 2018 Updated 7 years ago
- Rogue Assembly Hunter is a utility for discovering 'interesting' .NET CLR modules in running processes. ☆117 Feb 9, 2022 Updated 4 years ago
- Bypass Windows defender syscall ☆18 Jul 17, 2021 Updated 4 years ago
- ☆53 Dec 21, 2022 Updated 3 years ago
- Perun's Fart (Slavic God's Luck). Another method for unhooking AV and EDR, this is my C# version. ☆117 Dec 26, 2021 Updated 4 years ago
- A C++ syscall ID extractor for Windows. Developed, debugged and tested on 20H2. ☆21 May 25, 2021 Updated 4 years ago
- ☆48 Jul 24, 2023 Updated 2 years ago
- A VM and VT detection vector, detects KVM, VMware, HYPER-V, Hypervisor and ...(Intel Only) ☆21 Nov 12, 2020 Updated 5 years ago
- Shh0ya Kernel Hook Driver ☆25 Dec 8, 2020 Updated 5 years ago
- Rootkit loader for your rootkit dll, x86/x64 system wide DLL injection (+appinit_dlls registry create) uses heavens gate ☆22 Jan 28, 2021 Updated 5 years ago
- Memory integrity check with CRC32 instruction, section-based ☆50 May 25, 2025 Updated 9 months ago
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard ☆268 Aug 31, 2022 Updated 3 years ago
- Hook NtDeviceIoControlFile with PatchGuard ☆107 May 10, 2022 Updated 3 years ago
- A kernel level driver for Windows built to configure the Blue Screen Of Death ☆21 Jul 30, 2021 Updated 4 years ago
- A kernel mode Windows rootkit in development. ☆49 Dec 31, 2021 Updated 4 years ago
- Windows memory hacking library ☆22 Aug 12, 2018 Updated 7 years ago
- Bypassing kernel patch protection runtime ☆22 Feb 19, 2023 Updated 3 years ago
- a dkom rootkit that targets windows x64 systems. the rootkit hooks and edits critical memory sections in order to hide different resources… ☆18 Jul 5, 2023 Updated 2 years ago