un4ckn0wl3z / PCIE-Detector
Sample/PoC Windows kernel driver for detect DMA devices by using Vendor ID and Device ID signatures
☆30Updated 2 months ago
Related projects ⓘ
Alternatives and complementary repositories for PCIE-Detector
- Proof-of-concept game using VBS enclaves to protect itself from cheating☆21Updated 2 weeks ago
- ☆15Updated last year
- research revolving the windows filtering platform callout mechanism☆22Updated 5 months ago
- Helper script for Windows kernel debugging with IDA Pro on VMware + GDB stub (including PDB symbols)☆61Updated last year
- WinHvShellcodeEmulator (WHSE) is a shellcode emulator leveraging the Windows Hypervisor Platform API☆19Updated 2 years ago
- A native Windows library for intercepting kernel-to-user transitions using instrumentation callbacks☆16Updated 9 months ago
- ☆57Updated 2 years ago
- Demonstrate calling a kernel function and handle process creation callback against HVCI☆49Updated last year
- Helper Script to convert a Windbg dumped structure (using the 'dt' command) into a C structure. It creates dummy structs for you if neede…☆26Updated last year
- A library for intel VT-x hypervisor functionality supporting EPT shadowing.☆48Updated 3 years ago
- PDB Rewriting Rust Library☆20Updated 6 months ago
- PEIM (UEFI) bootkit targeting OVMF (EDK2)☆33Updated 11 months ago
- A kernel exploit leveraging NtUserHardErrorControl to elevate a thread to KernelMode and achieve arbitrary kernel R/W & more.☆28Updated 2 years ago
- ☆29Updated 2 years ago
- An example of how to use Microsoft Windows Warbird technology☆25Updated last year
- windows kernel pagehook☆38Updated 2 years ago
- Report and exploit of CVE-2024-21305.☆30Updated 10 months ago
- ☆23Updated 8 months ago
- ☆16Updated 2 years ago
- A minimalistic logger for Windows Kernel Drivers.☆20Updated 8 months ago
- A demonstration of hooking into the VMProtect-2 virtual machine☆17Updated last year
- Provides commands to read from and write to arbitrary kernel-mode memory for users with the Administrator privilege. HVCI compatible. No …☆15Updated 5 months ago
- Bypassing kernel patch protection runtime☆19Updated last year
- reverse engineering of the windows nt kernel debugger protocol & reimplementation.☆16Updated 4 months ago
- ntos shit☆21Updated 9 months ago
- LLVM obfuscation pass, flattening at the basic block's level and turning each basic block into a dispacher and each instruction into a ne…☆47Updated 3 years ago
- Windows driver template, using C++20 & cmake & GithubActions☆19Updated 3 months ago
- ZeroImport is a lightweight and easy to use C++ library for Windows Kernel Drivers. It allows you to hide any import in your kernel drive…☆46Updated last year
- C/C++ antidebugging library for 32 and 64 bit processors☆12Updated 4 months ago