tandasat / recon2024_demoLinks
Provides commands to read from and write to arbitrary kernel-mode memory for users with the Administrator privilege. HVCI compatible. No test signing mode is required.
☆21Updated last year
Alternatives and similar repositories for recon2024_demo
Users that are interested in recon2024_demo are comparing it to the libraries listed below
Sorting:
- Create stealthy, inline, EPT-like hooks using SMAP and SMEP☆56Updated 9 months ago
- POC Hook of nt!HvcallCodeVa☆52Updated 2 years ago
- intel vt-x type 2 hypervisor☆56Updated 3 months ago
- Windows PDB parser for kernel-mode environment.☆99Updated last month
- A library for intel VT-x hypervisor functionality supporting EPT shadowing.☆51Updated 4 years ago
- Simple anti-instrumentation with EFLAGS.AC☆18Updated 4 months ago
- A basic 100 loc CPU emulator using the existing code of ntoskrnl.exe☆72Updated last year
- A large collection of 32bit and 64bit PE files useful for verifying the correctness of bin2bin transformations☆54Updated last year
- Kernel ReClassEx☆63Updated last year
- Cheat for my own game SecureGame which uses a bootkit to hyperjack Hyper-V in order to access VBS enclave's memory☆64Updated 7 months ago
- Type 2 Hypervisor for security research supported by AMD-V hardware assisted virtualization☆39Updated 2 years ago
- Binary rewriter for 64-bit PE files.☆83Updated last year
- How Meltdown and Spectre haunt Anti-Cheat: DVRT details☆21Updated 11 months ago
- A Hyper-V Hacking Framework For Windows 10 x64 (AMD & Intel)☆74Updated last year
- unorthodox approach to analyze a trace, but this helped me get comfy with x64 instructions overall (excluding sse/avx/etc lol), cleared u…☆61Updated last year
- Symbolic Execution based on lifting amd64 to z3☆28Updated last year
- Visual Studio Project example for using Microsoft's STL in WDM (Windows Kernel-mode Driver)☆25Updated 4 years ago
- My research WIP bluepill hypervisor☆41Updated 2 years ago
- A efi-runner and message logger for vmware.☆12Updated 3 months ago
- A poc that abuses Enclave☆38Updated 2 years ago
- Me fockin' pe protector☆45Updated 2 years ago
- This is a ring -1 header framework in order to simplify the creation of hypervisors on SVM☆26Updated last year
- x86-64 user mode emulation using Zydis☆48Updated 6 months ago
- Helper script for Windows kernel debugging with IDA Pro on VMware + GDB stub (including PDB symbols)☆67Updated last year
- A small tool for rapid enumeration of CPUID, and MSR fields.☆27Updated last year
- vdk is a set of utilities used to help with exploitation of a vulnerable driver.☆40Updated 3 years ago
- Windows kernel driver template for cmkr (with testsigning).☆37Updated 2 years ago
- Another UEFI runtime bootkit☆29Updated 2 years ago
- A simple x86_64 AMD-v hypervisor type-2 Programmed with C++, with soon to be added syscall hooks. [W.I.P]☆97Updated last year
- ☆21Updated 4 years ago