t3ssellate / unmapperLinks
An automatic tool for fixing dumped PE files
☆41Updated 5 years ago
Alternatives and similar repositories for unmapper
Users that are interested in unmapper are comparing it to the libraries listed below
Sorting:
- ☆69Updated 4 years ago
- Resolve DOS MZ executable symbols at runtime☆95Updated 3 years ago
- Retrieve pointers to undocumented kernel functions and offsets to members within undocumented structures to use in your driver by using t…☆63Updated 6 years ago
- x64 syscall caller in C++.☆93Updated 7 years ago
- (DEPRECATED) A simple anti-anti debug library for Windows☆30Updated 5 years ago
- A library for intel VT-x hypervisor functionality supporting EPT shadowing.☆51Updated 4 years ago
- x64 Windows implementation of virtual-address to physical-address translation☆43Updated 4 years ago
- based on https://github.com/secrary/Hooking-via-InstrumentationCallback☆71Updated 5 years ago
- vdk is a set of utilities used to help with exploitation of a vulnerable driver.☆42Updated 3 years ago
- Obfuscate calls to imports by patching in stubs☆72Updated 4 years ago
- codes for my blog post: https://secrary.com/Random/InstrumentationCallback/☆179Updated 7 years ago
- This is the P.O.C source for hooking the system calls on Windows 10 (1903) using it's dynamic trace feature weakness☆53Updated 6 years ago
- ☆59Updated 3 years ago
- Simple windows API logger☆109Updated 6 years ago
- ☆25Updated 4 years ago
- Standalone program to download PDB Symbol files for debugging without WDK☆78Updated 6 years ago
- A virtualization-based endpoint security solution for Windows☆88Updated 4 years ago
- C++ library for parsing and manipulating PE files statically and dynamically.☆88Updated 2 years ago
- A poc that abuses Enclave☆39Updated 3 years ago
- A driver that hooks C: volume using symbolic link callback to track all FS access to the volume☆110Updated 5 years ago
- Helper script for Windows kernel debugging with IDA Pro on VMware + GDB stub (including PDB symbols)☆67Updated 2 years ago
- A reflexive driver loader to bypass Windows DSE (featuring a custom PE loader)☆43Updated 7 years ago
- A quick-and-dirty anti-hook library proof of concept.☆105Updated 7 years ago
- I'm going to be dropping code from the XC3 Driver (result of reversing the driver)☆71Updated 5 years ago
- Bypassing code hooks detection in modern anti-rootkits via building faked PTE entries.☆79Updated 14 years ago
- arbitrary kernel read/write in dbutil_2_3.sys, Proof of Concept Local Privilege Escalation to nt authority/system☆57Updated 3 years ago
- A collection of tools, source code, and papers researching Windows' implementation of CET.☆85Updated 4 years ago
- Allows you to find the use of ScyllaHide, if your program will debug and restore hooking functions bytes.☆26Updated 6 years ago
- Ghetto user mode emulation of Windows kernel drivers.☆146Updated 11 months ago
- ASUSTeK AsIO3 I/O driver unlock☆23Updated 4 years ago