windows rootkit
☆60 · May 2, 2024 · Updated last year
Alternatives and similar repositories for windows-rootkit
Users that are interested in windows-rootkit are comparing it to the libraries listed below.
- Anti-Rootkit Tool for Windows ☆12 · Mar 24, 2025 · Updated last year
- Bootkit driver mapping; ring-3 process injection to load a specified module ☆14 · Oct 8, 2024 · Updated last year
- page table manipulation to gain physical r/w ☆44 · May 7, 2024 · Updated last year
- Libraries written in inline assembly ☆19 · Aug 7, 2023 · Updated 2 years ago
- A VMBR (Virtual-Machine Based Rootkit) which runs a guest OS and sends the attacker its data ☆28 · Apr 27, 2024 · Updated 2 years ago
- Hook NtDeviceIoControlFile with PatchGuard ☆107 · May 10, 2022 · Updated 3 years ago
- Dump PDB Symbols including support for Bochs Debugging Format (with wine support) ☆14 · Aug 11, 2023 · Updated 2 years ago
- Anti-Rootkit/Anti-Cheat Driver to uncover unbacked or hidden kernel code. ☆324 · Mar 12, 2026 · Updated last month
- Interprocess communication library, providing the ability to call functions from each other ☆20 · Oct 3, 2019 · Updated 6 years ago
- A simple example of how to decrypt the kernel debugger data block ☆32 · Feb 8, 2021 · Updated 5 years ago
- Black Signature Driver ☆25 · Oct 20, 2023 · Updated 2 years ago
- LLVM obfuscation pass, flattening at the basic block's level and turning each basic block into a dispatcher and each instruction into a ne… ☆48 · Aug 23, 2021 · Updated 4 years ago
- partially disable patchguard up to win11 21H2 ☆20 · Jun 3, 2024 · Updated last year
- intel vt-x type 2 hypervisor ☆65 · Apr 13, 2025 · Updated last year
- Manual mapper that uses PTE manipulation, Virtual Address Descriptor (VAD) manipulation, and forceful memory allocation to hide executabl… ☆398 · Jan 29, 2022 · Updated 4 years ago
- Programming/scripting language ☆18 · Jan 3, 2025 · Updated last year
- cr3 shuffle driver ☆85 · Mar 24, 2024 · Updated 2 years ago
- Enum and Remove Hook in Windows ☆52 · Mar 28, 2026 · Updated last month
- Compileable POC of namazso's x64 return address spoofer. ☆51 · Jun 10, 2020 · Updated 5 years ago
- manually map driver for a signed driver memory space ☆176 · Mar 11, 2021 · Updated 5 years ago
- ☆70 · Apr 12, 2023 · Updated 3 years ago
- ☆23 · May 8, 2023 · Updated 2 years ago
- manual map unsigned driver over signed memory ☆225 · Apr 11, 2024 · Updated 2 years ago
- load unsigned kernel-driver by patching dse in 248 lines ☆148 · Mar 22, 2024 · Updated 2 years ago
- Kernel driver for detecting Intel VT-x hypervisors. ☆200 · Jul 11, 2023 · Updated 2 years ago
- UnknownField is a clang-based tool that obfuscates the order of fields to protect your C/C++ game or code. ☆44 · Jan 21, 2023 · Updated 3 years ago
- Custom KiSystemStartup, can be used to modify the kernel before boot. ☆53 · Apr 7, 2022 · Updated 4 years ago
- Hooking Heavens Gate in a weekend ☆13 · Jan 1, 2022 · Updated 4 years ago
- Map a driver into session space ☆39 · Aug 27, 2022 · Updated 3 years ago
- ntos shit ☆29 · Feb 15, 2024 · Updated 2 years ago
- Simple Demo of using Windows Hypervisor Platform ☆29 · Jul 14, 2025 · Updated 9 months ago
- ☆25 · Aug 9, 2021 · Updated 4 years ago
- Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999 ☆242 · Nov 6, 2019 · Updated 6 years ago
- Patches DSE by swapping both data ptrs located in SeValidateImageHeader && SeValidateImageData ☆24 · Feb 9, 2024 · Updated 2 years ago
- PoC kernel to usermode injection ☆113 · Feb 26, 2024 · Updated 2 years ago
- Admin to Kernel code execution using the KSecDD driver ☆265 · Apr 19, 2024 · Updated 2 years ago
- https://www.huorong.cn/ ☆17 · Apr 16, 2024 · Updated 2 years ago
- The cross-platform emulation framework unicorn is based on Qemu's TCG (Tiny Code Generator) mode, which achieves full-system virtualization without hardware virtualization support and supports CPU instruction emulation across platforms and architectures. This article discusses an experimental project by the author that uses the Windows Hypervisor Platform virtual machine mode… ☆79 · Dec 17, 2023 · Updated 2 years ago
- Experiment building lifting-bits dependencies with pure CMake. Migrated to: ☆22 · Oct 8, 2024 · Updated last year