tyranid / windows-memory-access-trapsLinks
A few examples of how to trap virtual memory access on Windows.
☆30Updated 5 months ago
Alternatives and similar repositories for windows-memory-access-traps
Users that are interested in windows-memory-access-traps are comparing it to the libraries listed below
Sorting:
- call gates as stable comunication channel for NT x86 and Linux x86_64☆31Updated last year
- ☆46Updated 2 months ago
- ☆31Updated last year
- CVE-2024-40431+CVE-2022-25479 chain for EOP(DATA ONLY ATTACK)☆45Updated 7 months ago
- ☆20Updated 4 months ago
- A C++ PoC implementation for enumerating Windows Fibers directly from memory☆19Updated last year
- A class to emulate the behavior of NtQuerySystemInformation when passed the SystemHypervisorDetailInformation information class☆26Updated last year
- Safely manage the unloading of DLLs that have been hooked into a process. Context: https://github.com/KNSoft/KNSoft.SlimDetours/discussio…☆76Updated last month
- Remove WPP calls from hexrays decompiled code☆48Updated 2 months ago
- HEVD Exploit: BufferOverflowNonPagedPoolNx on Windows 10 22H2 - Escalating from Low Integrity to SYSTEM via Aligned Chunk Confusion☆52Updated last month
- Extract data of TTD trace file to a minidump☆28Updated last year
- ☆30Updated 5 months ago
- ☆39Updated 3 months ago
- LPE exploit for CVE-2023-36802☆22Updated last year
- Analysis of the vulnerability☆51Updated last year
- https://github.com/janoglezcampos/c_syscalls with the ASM rewritten by myself for Visual Studio's Compiler.☆31Updated 11 months ago
- Enabled / Disable LSA Protection via BYOVD☆68Updated 3 years ago
- Standalone Metasploit-like XOR encoder for shellcode☆47Updated last year
- ☆12Updated 7 months ago
- ☆31Updated last month
- Your NTDLL vaccine from modern direct syscall methods.☆35Updated 3 years ago
- Proof-of-Concept for CVE-2024-26218☆51Updated last year
- ☆33Updated last year
- Check if your AV/EDR does inline hooking, displays the hooked functions and allows you to compare them with the original ones.☆28Updated last month
- Mentally ill EtwTi parser☆38Updated 2 months ago
- Slides for COM Hijacking AV/EDR Talk on 38c3☆74Updated 4 months ago
- Exploiting the KsecDD Windows driver through Server Silos☆71Updated 6 months ago
- PEIM (UEFI) bootkit targeting OVMF (EDK2)☆35Updated last year
- Load a dynamic library from memory using a fuse mount☆31Updated last year
- A simple but useful project maybe help you reverse Windows.☆38Updated last year