rogerxiii / kernel-codecave-pocLinks
Proof of concept on how to bypass some limitations of a manual mapped driver
☆172Updated 4 years ago
Alternatives and similar repositories for kernel-codecave-poc
Users that are interested in kernel-codecave-poc are comparing it to the libraries listed below
Sorting:
- manually map driver for a signed driver memory space☆161Updated 4 years ago
- ☆148Updated 4 years ago
- A mapper that maps shellcode into loaded large page drivers☆290Updated 3 years ago
- Using CVE-2021-40449 to manual map kernel mode driver☆100Updated 3 years ago
- 09/2021 reversal of EasyAntiCheat driver☆219Updated 3 years ago
- Kernel Lazy Importer☆122Updated last year
- A kernelmode driver swapping a .data pointer in the kernel to perform communication between the kernel and usermode.☆145Updated 4 years ago
- kernel anticheat to test your driver against☆168Updated last month
- ☆124Updated 3 years ago
- Drawing from kernelmode without any hooks☆168Updated 3 years ago
- An Injector that can inject dll into game process protected by anti cheat using SetWindowsHookEx.☆243Updated 6 years ago
- undetected eac mapper☆166Updated 3 years ago
- BattlEye shellcodes tester☆148Updated 3 years ago
- ☆184Updated 3 years ago
- base for testing☆171Updated 10 months ago
- Allows you to communicate with the kernel mode to manipulate memory in a stealthy way to avoid kernel anticheats.☆173Updated 3 years ago
- Loads a signed kernel driver which allows you to map any driver to kernel mode without any traces of the signed / mapped driver.☆347Updated 3 years ago
- Hygieia, a vulnerable driver traces scanner written in C++ as an x64 Windows kernel driver.☆144Updated 3 years ago
- Easy Anti PatchGuard☆224Updated 4 years ago
- This is a simple project of a driver + usermode.☆154Updated 3 years ago
- x64 Windows kernel driver mapper, inject unsigned driver using anycall☆163Updated last year
- Archive R/W into any protected process by changing the value of KTHREAD->PreviousMode☆156Updated 3 years ago
- ☆153Updated 5 years ago
- ☆142Updated 4 years ago
- Detect-KeAttachProcess by iterating through all processes as well as checking the context of the thread.☆118Updated 3 years ago
- load unsigned kernel-driver by patching dse in 248 lines☆129Updated last year
- Manual mapper that uses PTE manipulation, Virtual Address Descriptor (VAD) manipulation, and forceful memory allocation to hide executabl…☆341Updated 3 years ago
- Cool kernel communication method.☆101Updated 4 years ago
- The program draws with win32k gdi functions in the kernel while NtGdiDdDDISubmitCommand is being hooked.☆308Updated 5 years ago
- a more stable & secure read/write virtual memory for kernel mode drivers☆162Updated 5 years ago