rbmm / TPMLinks
Easy encrypt/decrypt data with TPM
☆25Updated last year
Alternatives and similar repositories for TPM
Users that are interested in TPM are comparing it to the libraries listed below
Sorting:
- ☆19Updated 3 months ago
- An improved version of Patch Guard that I implemented, that includes integrity checks and other protection mechanisms I added.☆65Updated 2 months ago
- ☆25Updated 2 years ago
- Collection of scripts and CMake files to easily link to LLVM into your project (Windows, Linux, macOS).☆40Updated 2 months ago
- Example of building an application verifer DLL☆46Updated last year
- PEIM (UEFI) bootkit targeting OVMF (EDK2)☆35Updated last year
- break link between dll and it file on disk☆11Updated 9 months ago
- ☆30Updated 3 months ago
- Generate a PDB file given the old PDB file and an address mapping☆48Updated 2 months ago
- A VMWare logger using built-in backdoor.☆29Updated 7 months ago
- havoc kaine plugin to mitigate PAGE_GUARD protected image headers using JOP gadgets☆30Updated 9 months ago
- call gates as stable comunication channel for NT x86 and Linux x86_64☆31Updated last year
- ☆39Updated 3 months ago
- ☆14Updated last year
- A few examples of how to trap virtual memory access on Windows.☆30Updated 5 months ago
- Safely manage the unloading of DLLs that have been hooked into a process. Context: https://github.com/KNSoft/KNSoft.SlimDetours/discussio…☆76Updated last month
- ☆24Updated 5 months ago
- An example of how to use Microsoft Windows Warbird technology☆28Updated 2 years ago
- A native Windows library for intercepting kernel-to-user transitions using instrumentation callbacks☆20Updated last year
- Signature finder (from PE-bear)☆36Updated last month
- Finding Truth in the Shadows☆92Updated 2 years ago
- A fast method to intercept syscalls from any user-mode process using InstrumentationCallback and detect any process using Instrumentation…☆31Updated last year
- All LLVM binaries scrambled with SigBreaker and used to test against llvm-lit☆16Updated 3 weeks ago
- WinHvShellcodeEmulator (WHSE) is a shellcode emulator leveraging the Windows Hypervisor Platform API☆22Updated 3 years ago
- Report and exploit of CVE-2024-21305.☆34Updated last year
- ☆16Updated 2 years ago
- Remote Thread Detection with a Kernel Driver☆30Updated 4 months ago
- A kernel exploit leveraging NtUserHardErrorControl to elevate a thread to KernelMode and achieve arbitrary kernel R/W & more.☆29Updated 2 years ago
- Detours implementation (x64/x86) which used only ntdll import☆89Updated 11 months ago
- Demonstrate calling a kernel function and handle process creation callback against HVCI☆55Updated 2 years ago