A library to assist with memory & code protection.
☆66Mar 7, 2024Updated last year
Alternatives and similar repositories for BinCon
Users that are interested in BinCon are comparing it to the libraries listed below
Sorting:
- Standard Kernel Library for Windows manipulation in C++☆199Jun 18, 2025Updated 8 months ago
- Kernel driver for detecting Intel VT-x hypervisors.☆197Jul 11, 2023Updated 2 years ago
- POC Hook of nt!HvcallCodeVa☆54May 8, 2023Updated 2 years ago
- C++ 20 Control Flow Obfuscation library for Windows Binaries☆434Oct 8, 2025Updated 4 months ago
- base for testing☆186Sep 28, 2024Updated last year
- Walks through the 4-level paging structures in Windows x64☆13Feb 12, 2023Updated 3 years ago
- How Meltdown and Spectre haunt Anti-Cheat: DVRT details☆22Aug 21, 2024Updated last year
- Emulate Drivers in RING3 with self context mapping or unicorn☆365Aug 18, 2022Updated 3 years ago
- Helper functions for calculating the authenticode digest for a portable executable file☆21Apr 30, 2020Updated 5 years ago
- 🪝 Various EPT hook detection approaches☆143Feb 22, 2026Updated last week
- Securely Retrieving Hardware Serials Without WMIC From Usermode☆19Nov 3, 2023Updated 2 years ago
- ☆223Mar 11, 2023Updated 2 years ago
- Demonstrate calling a kernel function and handle process creation callback against HVCI☆84Dec 21, 2022Updated 3 years ago
- A basic implementation of Patch Guard that I implemented, that includes integrity checks and other protection mechanisms I added.☆78Mar 29, 2025Updated 11 months ago
- Native code virtualizer for x64 binaries☆517Dec 20, 2024Updated last year
- ☆95Oct 25, 2025Updated 4 months ago
- Kernel-mode Paravirtualization in Ring 2, LLVM based linker, and some other things!☆409Apr 19, 2025Updated 10 months ago
- ☆26May 31, 2019Updated 6 years ago
- Not mine. Only for saving☆26Jun 28, 2022Updated 3 years ago
- ☆27Nov 24, 2024Updated last year
- driver manual mapper powered by https://github.com/estimated1337/lenovo_exec☆115Dec 28, 2022Updated 3 years ago
- PointerGuard is a proof-of-concept tool used to create 'guarded' pointers which disguise pointer addresses, monitor reads/writes, and pre…☆57May 23, 2022Updated 3 years ago
- Collection of hypervisor detections☆297Sep 25, 2024Updated last year
- ☆14Dec 3, 2022Updated 3 years ago
- PsSetCreateProcessNotifyRoutine/Ex/Ex2 hook☆12May 30, 2024Updated last year
- An x86-64 Code Virtualizer☆309Sep 26, 2024Updated last year
- An x64 page table iterator written in C++ as a kernel mode windows driver.☆119May 25, 2021Updated 4 years ago
- scan system / process integrity☆350Oct 22, 2024Updated last year
- A mapper that maps shellcode into loaded large page drivers☆324Apr 26, 2022Updated 3 years ago
- This program remaps its image to prevent the page protection of pages contained in the image from being modified via NtProtectVirtualMemo…☆632Mar 19, 2019Updated 6 years ago
- it's a driver injector or driver loader header lib(Windows)☆12Aug 5, 2023Updated 2 years ago
- Leveraging Platform Trust Technology (PTT) to defeat Driver Signing Enforcement (DSE) to run Kernel Drivers (KMDF) with Secure Boot Enabl…☆14Aug 22, 2022Updated 3 years ago
- read / write memory from a proxy process by injecting shellcode☆20Dec 23, 2025Updated 2 months ago
- ☆37Sep 26, 2024Updated last year
- kernel mode anti cheat☆637Aug 4, 2024Updated last year
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard☆268Aug 31, 2022Updated 3 years ago
- ☆99Oct 6, 2017Updated 8 years ago
- A basic demonstration of directly overwriting paging structures for physical memory r/w and interprocess memory copy☆103Jun 26, 2023Updated 2 years ago
- Another wow64ext to try to be compatible with WOW64 for all architectures.☆98Jan 1, 2026Updated 2 months ago