rogerxiii / kernel-codecave-pocLinks
Proof of concept on how to bypass some limitations of a manual mapped driver
☆173Updated 4 years ago
Alternatives and similar repositories for kernel-codecave-poc
Users that are interested in kernel-codecave-poc are comparing it to the libraries listed below
Sorting:
- manually map driver for a signed driver memory space☆162Updated 4 years ago
- ☆148Updated 4 years ago
- kernel anticheat to test your driver against☆172Updated 2 months ago
- BattlEye shellcodes tester☆149Updated 3 years ago
- Using CVE-2021-40449 to manual map kernel mode driver☆101Updated 3 years ago
- 09/2021 reversal of EasyAntiCheat driver☆220Updated 3 years ago
- A mapper that maps shellcode into loaded large page drivers☆292Updated 3 years ago
- An Injector that can inject dll into game process protected by anti cheat using SetWindowsHookEx.☆243Updated 6 years ago
- ☆124Updated 3 years ago
- A kernelmode driver swapping a .data pointer in the kernel to perform communication between the kernel and usermode.☆145Updated 4 years ago
- base for testing☆173Updated 10 months ago
- Kernel Lazy Importer☆122Updated last year
- Loads a signed kernel driver which allows you to map any driver to kernel mode without any traces of the signed / mapped driver.☆353Updated 4 years ago
- a more stable & secure read/write virtual memory for kernel mode drivers☆162Updated 5 years ago
- ☆153Updated 5 years ago
- Hygieia, a vulnerable driver traces scanner written in C++ as an x64 Windows kernel driver.☆145Updated 3 years ago
- Archive R/W into any protected process by changing the value of KTHREAD->PreviousMode☆159Updated 3 years ago
- The program draws with win32k gdi functions in the kernel while NtGdiDdDDISubmitCommand is being hooked.☆309Updated 5 years ago
- undetected eac mapper☆166Updated 3 years ago
- x64 Windows kernel driver mapper, inject unsigned driver using anycall☆168Updated last year
- ☆186Updated 3 years ago
- Drawing from kernelmode without any hooks☆168Updated 3 years ago
- Easy Anti PatchGuard☆224Updated 4 years ago
- Allows you to communicate with the kernel mode to manipulate memory in a stealthy way to avoid kernel anticheats.☆174Updated 3 years ago
- ☆73Updated 5 years ago
- ☆219Updated 3 years ago
- nmi stackwalking + module verification☆131Updated last year
- ☆155Updated last year
- Kernel driver for detecting Intel VT-x hypervisors.☆189Updated 2 years ago
- Detect-KeAttachProcess by iterating through all processes as well as checking the context of the thread.☆118Updated 3 years ago