thejanit0r / x86_vbrkit
Small and lightweight x86-64 VBR bootkit for research purposes
☆9Updated 2 years ago
Alternatives and similar repositories for x86_vbrkit:
Users that are interested in x86_vbrkit are comparing it to the libraries listed below
- IA32-doc is a project which aims to put as many definitions from the Intel Manual into machine-processable format as possible☆16Updated 3 years ago
- Windbg extension that allows you analyze Control Flow Guard map☆34Updated 3 years ago
- Helper Script to convert a Windbg dumped structure (using the 'dt' command) into a C structure. It creates dummy structs for you if neede…☆26Updated last year
- ☆15Updated 2 years ago
- ☆45Updated 4 years ago
- Sample/PoC Windows kernel driver for detect DMA devices by using Vendor ID and Device ID signatures☆34Updated 7 months ago
- This is a simple driver with x64 inline assembly☆54Updated 4 years ago
- Data and structures regarding the research done on WdFilter☆12Updated 5 years ago
- Code Integrity Violation Spotter☆16Updated 10 months ago
- vdk is a set of utilities used to help with exploitation of a vulnerable driver.☆39Updated 2 years ago
- A research project about Windows notify routines.☆35Updated 4 years ago
- Bypass for the hardening against usage of tagWnd as a kernel read/write primitive☆29Updated 8 years ago
- Kernel-mode file scanner☆18Updated 6 years ago
- clone of armadillo patched for windows☆47Updated 6 months ago
- ☆28Updated 4 years ago
- Helper scripts for windows debugging with symbols for Bochs and IDA Pro (PDB files). Very handy for user mode <--> kernel mode☆19Updated last year
- VMCS Auditor provides almost all of Intel's VMCS Layout checklist based on Bochs Emulator.☆32Updated 6 years ago
- PoC of BOOST-ed _EPROCESS.VadRoot iterating☆25Updated 10 years ago
- Takes a Windbg dumped structure (using the 'dt' command) and formats it into a C structure☆35Updated 9 months ago
- hypervisor enforced patch protection for the linux kernel with xen + libvmi, libvmi KASLR offset spoofer☆31Updated last year
- Figuring out the cause of a handle downgrade☆24Updated 2 years ago
- Exploiting HEVD's WriteWhatWhereIoctlDispatch for LPE on Windows 10 TH2 through RS3 using GDI objects.☆24Updated 7 years ago
- WinHvShellcodeEmulator (WHSE) is a shellcode emulator leveraging the Windows Hypervisor Platform API☆22Updated 3 years ago
- Open Source Libraries Collection☆24Updated 9 years ago
- WinXPSP2.Cermalus on stereoids, supporting all 32 bits Windows version. Windows Kernel Virus stuff for noobs☆18Updated last year
- Exports monitoring plugin for x64dbg☆22Updated 2 years ago
- Triton based symbolic emulator☆16Updated 2 years ago
- ☆14Updated 7 years ago
- A reflexive driver loader to bypass Windows DSE (featuring a custom PE loader)☆41Updated 6 years ago
- Hook IDT vector 0xb2 to detect SCI in 64bit windows.☆34Updated 2 years ago