senko37 / drvload-bootkit
EFI bootkit for loading unsigned drivers
☆18Updated 8 months ago
Alternatives and similar repositories for drvload-bootkit:
Users that are interested in drvload-bootkit are comparing it to the libraries listed below
- POC Hook of nt!HvcallCodeVa☆49Updated last year
- nmi stackwalking + module verification☆107Updated last year
- An advanced DKOM for drivers with "DRIVER_OBJECT"☆16Updated 2 years ago
- ☆10Updated 2 years ago
- ntoskrnl .data hooks for UM-KM communication☆36Updated 9 months ago
- ☆71Updated 2 years ago
- PAGE_GUARD based hooking library☆42Updated 2 years ago
- Library to manipulate drivers that expose a physical memory read/write primitive.☆24Updated last year
- Hiding a system thread against conventional means of detection☆39Updated 4 years ago
- Windows PDB parser for kernel-mode environment.☆95Updated 2 years ago
- Freeze target threads (external - internal ) by avoiding SuspendThread detections. Or access registers from start address.☆31Updated 11 months ago
- Custom KiSystemStartup, can be used to modificate kernel before boot.☆51Updated 2 years ago
- ☆52Updated 2 years ago
- Mapping your code on a 0x1000 size page☆71Updated 2 years ago
- Discarded Section Manual Map☆66Updated 4 years ago
- Tool to dump EFI runtime drivers.☆35Updated last year
- Kernel Level NMI Callback Blocker☆73Updated 6 months ago
- A simple ida python script to find .data ptr☆50Updated last year
- just proof of concept. hooking MmCopyMemory PG safe.☆67Updated last year
- ☆30Updated 2 years ago
- ☆29Updated 5 months ago
- Virtual and physical memory hacking library using gigabyte vulnerable driver☆70Updated last year
- Create stealthy, inline, EPT-like hooks using SMAP and SMEP☆36Updated 4 months ago
- Old project (2020) reformed. Modifies gRT->GetVariable sub function from EFI_APPLICATION. Tested on Win10 22H2 (AMD).☆50Updated last year
- Another UEFI runtime bootkit☆29Updated last year
- A library to assist with memory & code protection.☆53Updated last year
- UM-KM Communication using registry callbacks☆39Updated 4 years ago
- ☆48Updated last year
- Translate virtual addresses to physical addresses from usermode.☆36Updated 9 months ago
- Cheat for my own game SecureGame which uses a bootkit to hyperjack Hyper-V in order to access VBS enclave's memory☆38Updated 3 months ago