tandasat / recon2024_demoLinks
Provides commands to read from and write to arbitrary kernel-mode memory for users with the Administrator privilege. HVCI compatible. No test signing mode is required.
☆21Updated last year
Alternatives and similar repositories for recon2024_demo
Users that are interested in recon2024_demo are comparing it to the libraries listed below
Sorting:
- This is a ring -1 header framework in order to simplify the creation of hypervisors on SVM☆25Updated last year
- intel vt-x type 2 hypervisor☆59Updated 6 months ago
- A library for intel VT-x hypervisor functionality supporting EPT shadowing.☆51Updated 4 years ago
- Simple anti-instrumentation with EFLAGS.AC☆18Updated 6 months ago
- How Meltdown and Spectre haunt Anti-Cheat: DVRT details☆23Updated last year
- Type 2 Hypervisor for security research supported by AMD-V hardware assisted virtualization☆40Updated 2 years ago
- POC Hook of nt!HvcallCodeVa☆52Updated 2 years ago
- My research WIP bluepill hypervisor☆40Updated 2 years ago
- Create stealthy, inline, EPT-like hooks using SMAP and SMEP☆58Updated last year
- Symbolic Execution based on lifting amd64 to z3☆28Updated last year
- Runtime Hyper-V Hijacking with DDMA☆63Updated 2 months ago
- ☆32Updated last year
- Helper script for Windows kernel debugging with IDA Pro on VMware + GDB stub (including PDB symbols)☆65Updated 2 years ago
- A large collection of 32bit and 64bit PE files useful for verifying the correctness of bin2bin transformations☆58Updated last year
- Kernel ReClassEx☆64Updated last year
- Simple and lightweight hypervisor for AMD processors☆37Updated this week
- A poc that abuses Enclave☆40Updated 3 years ago
- Me fockin' pe protector☆45Updated 2 years ago
- A basic 100 loc CPU emulator using the existing code of ntoskrnl.exe☆72Updated 2 years ago
- Using MMIO (Memory-Mapped I/O) to read TPM 2.0 public Endorsement Key.☆49Updated last year
- vdk is a set of utilities used to help with exploitation of a vulnerable driver.☆42Updated 3 years ago
- Custom KiSystemStartup, can be used to modificate kernel before boot.☆52Updated 3 years ago
- ☆27Updated last year
- Yet another IDA Pro/Home plugin for deobfuscating stack strings☆97Updated 2 weeks ago
- Visual Studio Project example for using Microsoft's STL in WDM (Windows Kernel-mode Driver)☆25Updated 4 years ago
- A Hyper-V Hacking Framework For Windows 10 x64 (AMD & Intel)☆95Updated 2 years ago
- Elevate arbitrary MSR writes to kernel execution.☆38Updated 2 years ago
- Windows kernel driver template for cmkr (with testsigning).☆37Updated 2 years ago
- x86-64 user mode emulation using Zydis☆69Updated last month
- unorthodox approach to analyze a trace, but this helped me get comfy with x64 instructions overall (excluding sse/avx/etc lol), cleared u…☆62Updated last year