rogerxiii / kernel-codecave-poc
Proof of concept on how to bypass some limitations of a manual mapped driver
☆144Updated 3 years ago
Related projects: ⓘ
- ☆135Updated 3 years ago
- a more stable & secure read/write virtual memory for kernel mode drivers☆161Updated 4 years ago
- manually map driver for a signed driver memory space☆136Updated 3 years ago
- ☆150Updated 4 years ago
- BattlEye shellcodes tester☆133Updated 2 years ago
- 09/2021 reversal of EasyAntiCheat driver☆194Updated 2 years ago
- Check your detection vectors☆132Updated last year
- Kernel Lazy Importer☆107Updated 5 months ago
- Loads a signed kernel driver which allows you to map any driver to kernel mode without any traces of the signed / mapped driver.☆260Updated 3 years ago
- a minimalistic windows hypervisor for amd processors☆96Updated 2 years ago
- Minimalistic AMD-V/SVM hypervisor with memory introspection capabilities☆168Updated 3 months ago
- A mapper that maps shellcode into loaded large page drivers☆215Updated 2 years ago
- undetected eac mapper☆161Updated 2 years ago
- Hooking kernel functions by abusing alignment☆238Updated 3 years ago
- base for testing☆146Updated this week
- Hygieia, a vulnerable driver traces scanner written in C++ as an x64 Windows kernel driver.☆133Updated 2 years ago
- A proof of concept demonstrating instrumentation callbacks on Windows 10 21h1 with a TLS variable to ensure all syscalls are caught.☆111Updated 2 years ago
- Drawing from kernelmode without any hooks☆154Updated 2 years ago
- A kernelmode driver swapping a .data pointer in the kernel to perform communication between the kernel and usermode.☆137Updated 3 years ago
- The program draws with win32k gdi functions in the kernel while NtGdiDdDDISubmitCommand is being hooked.☆241Updated 4 years ago
- Memory hacking library powered by AMD SVM☆290Updated last year
- Kernel DLL Injector using NX Bit Swapping and VAD hide for hiding injected DLL☆188Updated 3 years ago
- ☆173Updated 2 years ago
- ☆93Updated this week
- ☆115Updated 2 years ago
- Using CVE-2021-40449 to manual map kernel mode driver☆96Updated 2 years ago
- An Injector that can inject dll into game process protected by anti cheat using SetWindowsHookEx.☆225Updated 5 years ago
- A PoC for requesting HWIDs directly from hardware, skipping any potential hooks or OS support.☆77Updated 3 years ago
- A customizable process dumper.☆130Updated 5 years ago
- ☆138Updated 3 years ago