t3ssellate / unmapperLinks
An automatic tool for fixing dumped PE files
☆41Updated 4 years ago
Alternatives and similar repositories for unmapper
Users that are interested in unmapper are comparing it to the libraries listed below
Sorting:
- ☆68Updated 4 years ago
- Retrieve pointers to undocumented kernel functions and offsets to members within undocumented structures to use in your driver by using t…☆59Updated 5 years ago
- Resolve DOS MZ executable symbols at runtime☆95Updated 3 years ago
- A library for intel VT-x hypervisor functionality supporting EPT shadowing.☆50Updated 4 years ago
- Bypassing code hooks detection in modern anti-rootkits via building faked PTE entries.☆77Updated 14 years ago
- File system minifilter driver for Windows to block symbolic link attacks.☆51Updated 4 years ago
- A reflexive driver loader to bypass Windows DSE (featuring a custom PE loader)☆41Updated 6 years ago
- ☆59Updated 2 years ago
- x64 Windows implementation of virtual-address to physical-address translation☆42Updated 4 years ago
- ☆26Updated 4 years ago
- This is a simple driver with x64 inline assembly☆55Updated 4 years ago
- Helper script for Windows kernel debugging with IDA Pro on VMware + GDB stub (including PDB symbols)☆65Updated last year
- vdk is a set of utilities used to help with exploitation of a vulnerable driver.☆40Updated 3 years ago
- (DEPRECATED) A simple anti-anti debug library for Windows☆29Updated 4 years ago
- ☆21Updated 4 years ago
- A poc that abuses Enclave☆38Updated 2 years ago
- A research project about Windows notify routines.☆35Updated 4 years ago
- Stealthy Injector that leverages a vulnerable driver and other exploits to remain undetected☆36Updated 6 years ago
- Sample project for kernel debugging automation with Vagrant☆59Updated 5 years ago
- ☆37Updated 6 years ago
- This is the P.O.C source for hooking the system calls on Windows 10 (1903) using it's dynamic trace feature weakness☆52Updated 5 years ago
- Скрытие строки от отладчиков и декомпиляторов☆50Updated 5 years ago
- detect hypervisor with Nmi Callback☆34Updated 2 years ago
- unorthodox approach to analyze a trace, but this helped me get comfy with x64 instructions overall (excluding sse/avx/etc lol), cleared u…☆60Updated last year
- Windows PDB parser for kernel-mode environment.☆97Updated 2 years ago
- Intraceptor intercept Windows NT API calls and redirect them to a kernel driver to bypass process/threads handle protections.☆29Updated 3 years ago
- Driver demonstrating how to register a DPC to asynchronously wait on an object☆49Updated 4 years ago
- x64 syscall caller in C++.☆90Updated 6 years ago
- Documenting system information classes and their uses☆51Updated 3 years ago
- Polymorphic Stub Creator☆33Updated 7 years ago