tandasat / recon2024_demo
Provides commands to read from and write to arbitrary kernel-mode memory for users with the Administrator privilege. HVCI compatible. No test signing mode is required.
☆16Updated 10 months ago
Alternatives and similar repositories for recon2024_demo:
Users that are interested in recon2024_demo are comparing it to the libraries listed below
- A library for intel VT-x hypervisor functionality supporting EPT shadowing.☆49Updated 4 years ago
- Create stealthy, inline, EPT-like hooks using SMAP and SMEP☆37Updated 6 months ago
- POC Hook of nt!HvcallCodeVa☆51Updated last year
- Cheat for my own game SecureGame which uses a bootkit to hyperjack Hyper-V in order to access VBS enclave's memory☆53Updated 4 months ago
- Kernel ReClassEx☆61Updated last year
- A poc that abuses Enclave☆38Updated 2 years ago
- A demonstration of hooking into the VMProtect-2 virtual machine☆18Updated last year
- A efi-runner and message logger for vmware.☆12Updated 5 months ago
- windows kernel pagehook☆39Updated 2 years ago
- ☆29Updated 6 months ago
- Windows PDB parser for kernel-mode environment.☆95Updated 2 years ago
- A simple present scene, kernel allocation injector.☆24Updated 2 years ago
- intel vt-x type 2 hypervisor☆51Updated last week
- My research WIP bluepill hypervisor☆41Updated 2 years ago
- How Meltdown and Spectre haunt Anti-Cheat: DVRT details☆21Updated 8 months ago
- detect hypervisor with Nmi Callback☆34Updated 2 years ago
- ☆29Updated 2 years ago
- ☆22Updated last year
- ☆68Updated 2 years ago
- C/C++ antidebugging library for Windows☆18Updated 3 months ago
- This is a ring -1 header framework in order to simplify the creation of hypervisors on SVM☆22Updated last year
- A minimalistic way to spoof return addresses without using exceptions☆14Updated 2 years ago
- Visual Studio Project example for using Microsoft's STL in WDM (Windows Kernel-mode Driver)☆25Updated 3 years ago
- A method to Disable DSE using .data ptr hooks☆29Updated last year
- vdk is a set of utilities used to help with exploitation of a vulnerable driver.☆39Updated 2 years ago
- Simple and lightweight hypervisor for AMD processors☆28Updated 4 months ago
- ☆21Updated 3 years ago
- A basic 100 loc CPU emulator using the existing code of ntoskrnl.exe☆69Updated last year
- A project on the Unicorn emulator to emulate the code of Pe files in windows☆21Updated 7 months ago
- A Hyper-V Hacking Framework For Windows 10 x64 (AMD & Intel)☆57Updated last year