An automatic tool for fixing dumped PE files
☆42 | Jul 28, 2020 | Updated 5 years ago
Alternatives and similar repositories for unmapper
Users that are interested in unmapper are comparing it to the libraries listed below
- CallMon is an experimental system call monitoring tool that works on Windows 10 versions 2004+ using PsAltSystemCallHandlers ☆145 | Sep 5, 2020 | Updated 5 years ago
- A virtualization-based endpoint security solution for Windows ☆88 | May 23, 2021 | Updated 4 years ago
- CVE-2021-29337 - Privilege Escalation in MODAPI.sys (MSI Dragon Center) ☆31 | Oct 12, 2021 | Updated 4 years ago
- Map memory to user space and manipulate user memory, using capmon ☆24 | Nov 3, 2018 | Updated 7 years ago
- handle elevation using bedaisy. ☆13 | Aug 17, 2020 | Updated 5 years ago
- A native hypervisor designed for the Windows operating system ☆125 | Mar 6, 2021 | Updated 5 years ago
- ☆17 | Dec 3, 2020 | Updated 5 years ago
- Kernel Hook X64 ☆26 | Oct 11, 2020 | Updated 5 years ago
- Figuring out the cause of a handle downgrade ☆24 | Dec 13, 2022 | Updated 3 years ago
- A documented Windows x64 bit Usermode Injector that works via hooking IAT and hijacking its threads to execute shellcode. ☆65 | Aug 31, 2023 | Updated 2 years ago
- Bypassing EAC integrity checks by abusing a TOCTOU in Dead by Daylight. ☆22 | Jan 9, 2021 | Updated 5 years ago
- A simple example how to decrypt kernel debugger data block ☆32 | Feb 8, 2021 | Updated 5 years ago
- This is a ring -1 header framework in order to simplify the creation of hypervisors on SVM ☆28 | Nov 6, 2023 | Updated 2 years ago
- automates exploits using ROP chains, using ntdll-scraper ☆16 | May 26, 2022 | Updated 3 years ago
- A driver that supports communication between a Windows guest and HyperWin ☆15 | Jan 6, 2021 | Updated 5 years ago
- ☆14 | Mar 8, 2019 | Updated 6 years ago
- A simple tool for enumerating dynamic endpoints on a DCE/RPC remote or local endpoint mapper. ☆15 | Oct 9, 2020 | Updated 5 years ago
- Enumerate user mode shared memory mappings on Windows. ☆128 | Feb 14, 2021 | Updated 5 years ago
- A driver that hooks C: volume using symbolic link callback to track all FS access to the volume ☆109 | Apr 24, 2020 | Updated 5 years ago
- An example of a client and server using Windows' ALPC functions to send and receive data. ☆115 | Jan 21, 2025 | Updated last year
- fix vmprotect import function used unicorn-engine. ☆99 | Apr 4, 2023 | Updated 2 years ago
- A library for intel VT-x hypervisor functionality supporting EPT shadowing. ☆51 | Mar 11, 2021 | Updated 4 years ago
- Fortnite External Cheat ☆38 | Apr 11, 2020 | Updated 5 years ago
- A simple Windows kernel rootkit. ☆96 | May 13, 2025 | Updated 9 months ago
- ☆17 | Oct 31, 2022 | Updated 3 years ago
- ☆15 | Oct 7, 2020 | Updated 5 years ago
- Analysing and defeating PatchGuard universally ☆36 | Nov 4, 2020 | Updated 5 years ago
- kernel driver used to monitor the activity of BadlionAnticheat.sys by patching its IAT ☆32 | Jul 9, 2021 | Updated 4 years ago
- Decrypts multiple BattlEye packets from BEService<>BEDaisy (including those with multiple encryption layers) out to a console. ☆27 | Apr 14, 2022 | Updated 3 years ago
- Lightweight type-1 hypervisor offering a foundation for building advanced security-focused functionality. ☆282 | Feb 16, 2026 | Updated 2 weeks ago
- PoC for hiding PE exports ☆67 | Dec 19, 2020 | Updated 5 years ago
- x86/x64 dll injector ☆31 | May 17, 2022 | Updated 3 years ago
- Example of hijacking system calls via function pointer tables ☆31 | Jun 26, 2021 | Updated 4 years ago
- Driver and WinDBG scripts to dump information about all resources and lookaside lists ☆66 | Apr 4, 2020 | Updated 5 years ago
- ☆21 | Sep 6, 2018 | Updated 7 years ago
- ☆17 | Feb 29, 2020 | Updated 6 years ago
- An example of how x64 kernel shellcode can dynamically find and use APIs ☆104 | May 14, 2020 | Updated 5 years ago
- ☆68 | Dec 17, 2020 | Updated 5 years ago
- A simple kernel mode driver that hooks some values at the KUSER_SHARED_DATA structure. ☆27 | Jan 7, 2020 | Updated 6 years ago