tandasat / recon2024_demo
Provides commands to read from and write to arbitrary kernel-mode memory for users with the Administrator privilege. HVCI compatible. No test signing mode is required.
☆13Updated 3 months ago
Related projects: ⓘ
- A large collection of 32bit and 64bit PE files useful for verifying the correctness of bin2bin transformations☆42Updated last month
- My research WIP bluepill hypervisor☆42Updated last year
- A library for intel VT-x hypervisor functionality supporting EPT shadowing.☆47Updated 3 years ago
- How Meltdown and Spectre haunt Anti-Cheat: DVRT details☆18Updated 3 weeks ago
- Type 2 Hypervisor for security research supported by AMD-V hardware assisted virtualization☆38Updated last year
- Me fockin' pe protector☆45Updated last year
- POC Hook of nt!HvcallCodeVa☆49Updated last year
- Extensions for x64dbg written in Rust: Telescope and Unicorn powered disassembly☆23Updated last year
- Windows kernel driver template for cmkr (with testsigning).☆29Updated last year
- reverse engineering of the windows nt kernel debugger protocol & reimplementation.☆16Updated 2 months ago
- Helper script for Windows kernel debugging with IDA Pro on VMware + GDB stub (including PDB symbols)☆57Updated last year
- This is a ring -1 header framework in order to simplify the creation of hypervisors on SVM☆22Updated 10 months ago
- Binary Ninja plugin for automating VMProtect analysis☆55Updated last year
- Disassembler for Zeus VM custom instruction set☆20Updated 7 months ago
- A Hyper-V Hacking Framework For Windows 10 x64 (AMD & Intel)☆29Updated last year
- intel vt-x type 2 hypervisor☆48Updated 2 months ago
- Hyper-V related resources☆30Updated 5 months ago
- Collection of obfuscation, tamper-proofing, and watermarking algorithms targeting LLVM IR.☆71Updated 4 years ago
- Code virtualizer☆20Updated 8 years ago
- Windows PDB parser for kernel-mode environment.☆82Updated last year
- A small tool for rapid enumeration of CPUID, and MSR fields.☆12Updated 7 months ago
- x86-64 virtualizing obfuscator written in Rust☆57Updated 10 months ago
- A demonstration of hooking into the VMProtect-2 virtual machine☆16Updated 10 months ago
- vdk is a set of utilities used to help with exploitation of a vulnerable driver.☆39Updated 2 years ago
- Rust library for lifting raw binary data to LLVM IR☆37Updated last month
- ☆39Updated last month
- LLVM obfuscation pass, flattening at the basic block's level and turning each basic block into a dispacher and each instruction into a ne…☆47Updated 3 years ago
- A basic 100 loc CPU emulator using the existing code of ntoskrnl.exe☆69Updated last year
- Efficient mixed boolean-arithmetic (MBA) simplifier☆67Updated this week
- A repository of IDA Databases and Binaries used for the analysis of popular commercial virtual-machine obfuscators☆60Updated last year