rogerxiii / kernel-codecave-pocLinks
Proof of concept on how to bypass some limitations of a manual mapped driver
☆173Updated 4 years ago
Alternatives and similar repositories for kernel-codecave-poc
Users that are interested in kernel-codecave-poc are comparing it to the libraries listed below
Sorting:
- manually map driver for a signed driver memory space☆160Updated 4 years ago
- ☆147Updated 4 years ago
- BattlEye shellcodes tester☆148Updated 3 years ago
- base for testing☆174Updated last year
- A mapper that maps shellcode into loaded large page drivers☆299Updated 3 years ago
- kernel anticheat to test your driver against☆175Updated 3 months ago
- ☆131Updated 3 years ago
- A kernelmode driver swapping a .data pointer in the kernel to perform communication between the kernel and usermode.☆145Updated 4 years ago
- x64 Windows kernel driver mapper, inject unsigned driver using anycall☆175Updated last year
- Using CVE-2021-40449 to manual map kernel mode driver☆102Updated 3 years ago
- 09/2021 reversal of EasyAntiCheat driver☆220Updated 3 years ago
- Kernel Lazy Importer☆124Updated last year
- a more stable & secure read/write virtual memory for kernel mode drivers☆162Updated 5 years ago
- An Injector that can inject dll into game process protected by anti cheat using SetWindowsHookEx.☆241Updated 6 years ago
- undetected eac mapper☆165Updated 3 years ago
- ☆153Updated 5 years ago
- ☆189Updated 3 years ago
- Hygieia, a vulnerable driver traces scanner written in C++ as an x64 Windows kernel driver.☆147Updated 3 years ago
- nmi stackwalking + module verification☆133Updated last year
- Archive R/W into any protected process by changing the value of KTHREAD->PreviousMode☆162Updated 3 years ago
- load unsigned kernel-driver by patching dse in 248 lines☆134Updated last year
- Drawing from kernelmode without any hooks☆173Updated 3 years ago
- Allows you to communicate with the kernel mode to manipulate memory in a stealthy way to avoid kernel anticheats.☆171Updated 3 years ago
- Easy Anti PatchGuard☆223Updated 4 years ago
- Detect-KeAttachProcess by iterating through all processes as well as checking the context of the thread.☆117Updated 3 years ago
- ☆218Updated 3 years ago
- Loads a signed kernel driver which allows you to map any driver to kernel mode without any traces of the signed / mapped driver.☆353Updated 4 years ago
- The program draws with win32k gdi functions in the kernel while NtGdiDdDDISubmitCommand is being hooked.☆322Updated 5 years ago
- ☆155Updated last year
- Kernel driver that .text hooks a syscall in dxgkrnl.sys which can be called from our user-mode client to send instructions like rpm/wpm a…☆191Updated 2 years ago