tandasat / recon2024_demo
Provides commands to read from and write to arbitrary kernel-mode memory for users with the Administrator privilege. HVCI compatible. No test signing mode is required.
☆16Updated 9 months ago
Alternatives and similar repositories for recon2024_demo:
Users that are interested in recon2024_demo are comparing it to the libraries listed below
- Create stealthy, inline, EPT-like hooks using SMAP and SMEP☆37Updated 5 months ago
- A library for intel VT-x hypervisor functionality supporting EPT shadowing.☆49Updated 4 years ago
- POC Hook of nt!HvcallCodeVa☆50Updated last year
- A efi-runner and message logger for vmware.☆12Updated 4 months ago
- Cheat for my own game SecureGame which uses a bootkit to hyperjack Hyper-V in order to access VBS enclave's memory☆38Updated 3 months ago
- ☆30Updated last year
- ☆29Updated 6 months ago
- A poc that abuses Enclave☆37Updated 2 years ago
- Kernel ReClassEx☆65Updated last year
- Simple and lightweight hypervisor for AMD processors☆27Updated 3 months ago
- intel vt-x type 2 hypervisor☆50Updated this week
- Achieving code execution through abusing vectored exception handling☆17Updated last year
- detect hypervisor with Nmi Callback☆34Updated 2 years ago
- A simple present scene, kernel allocation injector.☆24Updated 2 years ago
- A demonstration of hooking into the VMProtect-2 virtual machine☆18Updated last year
- partially disable patchguard up to win11 21H2☆19Updated 9 months ago
- My research WIP bluepill hypervisor☆41Updated 2 years ago
- A minimalistic way to spoof return addresses without using exceptions☆14Updated 2 years ago
- ZeroImport is a lightweight and easy to use C++ library for Windows Kernel Drivers. It allows you to hide any import in your kernel drive…☆48Updated 2 years ago
- This driver hooks a device object for ioctl and uses mdls to allocate physical pages and manually injects an entry into a process's page …☆14Updated 2 years ago
- ☆24Updated last year
- How Meltdown and Spectre haunt Anti-Cheat: DVRT details☆21Updated 7 months ago
- windows kernel pagehook☆39Updated 2 years ago
- ☆69Updated 2 years ago
- This is a ring -1 header framework in order to simplify the creation of hypervisors on SVM☆22Updated last year
- Type 2 Hypervisor for security research supported by AMD-V hardware assisted virtualization☆38Updated 2 years ago
- Old way for blocking NMI interrupts☆26Updated 2 years ago
- Windows PDB parser for kernel-mode environment.☆95Updated 2 years ago
- ☆21Updated 3 years ago
- An extended proof-of-concept for the CVE-2021-21551 Dell ‘dbutil_2_3.sys’ Kernel Exploit☆24Updated 3 years ago