un4ckn0wl3z / PCIE-DetectorLinks
Sample/PoC Windows kernel driver for detect DMA devices by using Vendor ID and Device ID signatures
☆36Updated 9 months ago
Alternatives and similar repositories for PCIE-Detector
Users that are interested in PCIE-Detector are comparing it to the libraries listed below
Sorting:
- ☆15Updated 2 years ago
- WinHvShellcodeEmulator (WHSE) is a shellcode emulator leveraging the Windows Hypervisor Platform API☆23Updated 3 years ago
- Elevate arbitrary MSR writes to kernel execution.☆36Updated last year
- ☆23Updated last year
- Provides commands to read from and write to arbitrary kernel-mode memory for users with the Administrator privilege. HVCI compatible. No …☆18Updated last year
- A demonstration of hooking into the VMProtect-2 virtual machine☆20Updated last year
- Windows driver template, using C++20 & cmake & GithubActions☆22Updated 10 months ago
- EDR PoC WIP LLC☆11Updated last year
- Generate a PDB file given the old PDB file and an address mapping☆48Updated 3 months ago
- SoulExtraction is a windows driver library for extracting cert information in windows drivers☆24Updated 2 years ago
- Demonstrate calling a kernel function and handle process creation callback against HVCI☆55Updated 2 years ago
- Create stealthy, inline, EPT-like hooks using SMAP and SMEP☆55Updated 8 months ago
- ☆29Updated 3 years ago
- An example of how to use Microsoft Windows Warbird technology☆28Updated 2 years ago
- A library for intel VT-x hypervisor functionality supporting EPT shadowing.☆50Updated 4 years ago
- vdk is a set of utilities used to help with exploitation of a vulnerable driver.☆40Updated 3 years ago
- Helper script for Windows kernel debugging with IDA Pro on VMware + GDB stub (including PDB symbols)☆66Updated last year
- Symbolic Execution based on lifting amd64 to z3☆27Updated 11 months ago
- ☆59Updated 3 years ago
- An improved version of Patch Guard that I implemented, that includes integrity checks and other protection mechanisms I added.☆70Updated 2 months ago
- Bypassing kernel patch protection runtime☆20Updated 2 years ago
- PDB Rewriting Rust Library☆24Updated last year
- An extended proof-of-concept for the CVE-2021-21551 Dell ‘dbutil_2_3.sys’ Kernel Exploit☆24Updated 3 years ago
- reverse engineering of the windows nt kernel debugger protocol & reimplementation.☆25Updated 11 months ago
- PEIM (UEFI) bootkit targeting OVMF (EDK2)☆35Updated last year
- A poc that abuses Enclave☆38Updated 2 years ago
- ZeroImport is a lightweight and easy to use C++ library for Windows Kernel Drivers. It allows you to hide any import in your kernel drive…☆47Updated 2 years ago
- How Meltdown and Spectre haunt Anti-Cheat: DVRT details☆21Updated 10 months ago
- Hijack NotifyRoutine for a kernelmode thread☆42Updated 3 years ago
- Just an example of a well-known technique to detect memory tampering via Windows Working Sets.☆16Updated 3 years ago