slavaim / MacOSX-SparseFile-KernelMode
A B-Tree sparse file implementation for kernel mode IOKit modules/extensions.
☆16Updated 7 years ago
Alternatives and similar repositories for MacOSX-SparseFile-KernelMode:
Users that are interested in MacOSX-SparseFile-KernelMode are comparing it to the libraries listed below
- A MacOS VFS isolation layer to redirect file I/O operations.☆30Updated 7 years ago
- Mac OS X file system filter to redirect file operations☆42Updated 7 years ago
- A file system filter for Mac OS X☆101Updated 7 years ago
- A macOS IOKit objects hooker☆87Updated 7 years ago
- A tool for Mac OS X proxy kext generation to export kernel symbols☆26Updated 7 years ago
- Mac OS X syscall hook kext☆22Updated 9 years ago
- Learn MacOS kernel extensions☆46Updated 7 years ago
- A TrustedBSD module to control execution of binaries with suid bit set☆37Updated 10 years ago
- IDA plugin to extract Mach-O binaries located in the disassembly or data☆59Updated 5 years ago
- runtime spy elf with android/linux and macho with macOS/IOS☆34Updated 7 years ago
- MacOS X process monitor using EndpointSecurity extension.☆35Updated 3 years ago
- A WDM Windows driver to issue IO to storage devices with asynchronous multithreaded processing☆21Updated 8 years ago
- Dynamic trace toolkit for Windows☆51Updated 9 years ago
- ☆12Updated 8 years ago
- hook sysenter,重载内核,下硬件断点到debugport,防止debugport清零☆23Updated 10 years ago
- Sample code for macOS Extensions Part 3☆24Updated 5 years ago
- C/C++ machine code obfuscation.☆65Updated 3 years ago
- A MacOS network kernel extension filter for IPv4/IPv6 sockets.☆75Updated 7 years ago
- macOS Private KPI Symbol Resolver☆49Updated 8 years ago
- Dump Kext information from Macos. Support batch analysis. The disassembly framework used is Capstone☆43Updated 7 years ago
- hooklib is a library that is used to inject DLL libraries in the processes, the interception code and the implementation of IPC.☆21Updated 9 years ago
- Sandbox d'analyse de malware pour Windows 7 avec un client TCP en mode noyau☆19Updated 9 years ago
- fG!'s crackme #1 source code☆35Updated 11 years ago
- A kext to facilitate calling PE_enter_debugger on machines that don't respect Cmd-Ctrl-Opt-Shift-Esc☆15Updated 6 years ago
- iOS10~iOS13 Edition) Dump Kext information from iOS kernel cache. Applicable to the kernel which dump from memory. The disassembly framew…☆20Updated 3 years ago
- Implementation of kexstat via /dev/kmem with kernel ASLR support☆36Updated 9 years ago
- Listens for Firewall rule match events generated by Microsoft Hyper-V Virtual Filter Protocol (VFP) extension.☆28Updated 4 years ago
- Hopefully an open source equivalent of machlib.☆21Updated 7 years ago
- lz77win sources!lz77 is the compression software for the windows platform.☆24Updated 5 years ago
- a net filter drive developed by wfp and msddk☆22Updated 5 years ago