Hooking the GDT - Installing a Call Gate. POC for Rootkit Arsenal Book Second Edition (version 2022)
☆73Aug 11, 2023Updated 2 years ago
Alternatives and similar repositories for cgaty
Users that are interested in cgaty are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- An attempt to restore and adapt to modern Win10 version the 'Rootkit Arsenal' original code samples☆74Apr 11, 2022Updated 4 years ago
- Dump PDB Symbols including support for Bochs Debugging Format (with wine support)☆14Aug 11, 2023Updated 2 years ago
- Walks the Process' VAD list to grab the PTE's corresponding to a usermode virtual address, all to get the physical address☆23Nov 22, 2021Updated 4 years ago
- Helper script for Windows kernel debugging with IDA Pro on native Bochs debugger (including PDB symbols)☆62Aug 11, 2023Updated 2 years ago
- A library for intel VT-x hypervisor functionality supporting EPT shadowing.☆52Mar 11, 2021Updated 5 years ago
- Bare Metal GPUs on DigitalOcean Gradient AI • AdPurpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
- Load Dll into Kernel space☆39Aug 23, 2022Updated 3 years ago
- Helper script for Windows kernel debugging with IDA Pro on VMware + GDB stub (including PDB symbols)☆68Aug 11, 2023Updated 2 years ago
- An example code of CiGetCertPublisherName☆16Mar 24, 2022Updated 4 years ago
- ☆118Aug 7, 2022Updated 3 years ago
- Piece of code to detect and remove hooks in IAT☆66May 30, 2022Updated 4 years ago
- A simple x86_64 AMD-v hypervisor type-2 Programmed with C++, with soon to be added syscall hooks. [W.I.P]☆111Aug 3, 2023Updated 2 years ago
- automates exploits using ROP chains, using ntdll-scraper☆15May 26, 2022Updated 4 years ago
- Helper scripts for windows debugging with symbols for Bochs and IDA Pro (PDB files). Very handy for user mode <--> kernel mode☆19Aug 11, 2023Updated 2 years ago
- A small PoC that creates processes in Windows☆187Jun 6, 2024Updated 2 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- ☆69Dec 17, 2020Updated 5 years ago
- ☆70Feb 6, 2025Updated last year
- kernel driver used to monitor the activity of BadlionAnticheat.sys by patching its IAT☆32Jul 9, 2021Updated 4 years ago
- x64 PE-COFF virtualization driven obfuscation engine☆59Oct 14, 2022Updated 3 years ago
- Personal curation of Clang/LLVM patches.☆12Feb 27, 2021Updated 5 years ago
- ☆10Apr 19, 2026Updated last month
- C/C++ Runtime library for system file (Windows Kernel Driver) - Supports Microsoft STL☆192Aug 27, 2022Updated 3 years ago
- Enumerate various traits from Windows processes as an aid to threat hunting☆202Jan 13, 2022Updated 4 years ago
- Enumerate user mode shared memory mappings on Windows.☆132Feb 14, 2021Updated 5 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- ☆17Oct 31, 2022Updated 3 years ago
- hooks gServerHandlers xxxEventWndProc☆13May 1, 2022Updated 4 years ago
- Integration of Microsoft Warbird with the MSVC compiler☆135Jul 16, 2023Updated 2 years ago
- A PoC designed to bypass all usermode hooks in a WoW64 environment.☆149Sep 16, 2020Updated 5 years ago
- 跨平台模拟执行unicorn框架基于Qemu的TCG模式(Tiny Code Generator),以无硬件虚拟化支持方式实现全系统的虚拟化,支持跨平台和架构的CPU指令模拟,本文讨论是一款笔者的实验性项目采用Windows Hypervisor Platform虚拟机模式…☆80Dec 17, 2023Updated 2 years ago
- A way to detect DBI frameworks, Debuggers and VMs.☆24Nov 17, 2020Updated 5 years ago
- Driver demonstrating how to register a DPC to asynchronously wait on an object☆51Jan 15, 2021Updated 5 years ago
- Proof-of-Concept software for detecting AV/EDR hooks in Windows libraries.☆38May 12, 2022Updated 4 years ago
- Rootkit Arsenal 2nd Source Code☆15Aug 6, 2013Updated 12 years ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- A code parser for C-Style header files that lets you to parse function's prototypes and data types used in their parameters.☆92Apr 17, 2022Updated 4 years ago
- Subtract one PE file from another!☆20Oct 1, 2021Updated 4 years ago
- A simple password-based PE encryptor for Windows 32-bit executables.☆51Jan 9, 2025Updated last year
- Using the peculiar behaviour of the VPGATHER instructions to determine if an address will fault before it is truly accessed. All done in …☆57Dec 30, 2025Updated 5 months ago
- Easy Anti PatchGuard☆221Apr 9, 2021Updated 5 years ago
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard☆272Aug 31, 2022Updated 3 years ago
- Simple Demo of using Windows Hypervisor Platform☆29Jul 14, 2025Updated 10 months ago