unkbyte / measured_boot_poc
Leveraging TPM2 TCG Logs (Measured Boot) to Detect UEFI Drivers and Pre-Boot Applications
☆12Updated this week
Alternatives and similar repositories for measured_boot_poc:
Users that are interested in measured_boot_poc are comparing it to the libraries listed below
- Easy encrypt/decrypt data with TPM☆25Updated last year
- Example of building an application verifer DLL☆45Updated 10 months ago
- PEIM (UEFI) bootkit targeting OVMF (EDK2)☆34Updated last year
- ☆25Updated 2 years ago
- Research of modifying exported function names at runtime (C/C++, Windows)☆17Updated 10 months ago
- ☆12Updated 2 years ago
- ☆23Updated last week
- havoc kaine plugin to mitigate PAGE_GUARD protected image headers using JOP gadgets☆26Updated 7 months ago
- Sample Rust crate used to implement a VBS enclave in Rust☆17Updated last month
- In-memory hiding technique☆47Updated 2 months ago
- Callstack spoofing using a VEH because VEH all the things.☆19Updated 2 weeks ago
- run process as PPL Antimalware☆10Updated last year
- AIDA64DRIVER Elevation of Privilege Vulnerability☆12Updated 5 months ago
- A simple Linux in-memory .so loader☆29Updated 2 years ago
- A VMWare logger using built-in backdoor.☆27Updated 5 months ago
- ☆19Updated 2 years ago
- Demonstrate calling a kernel function and handle process creation callback against HVCI☆51Updated 2 years ago
- call gates as stable comunication channel for NT x86 and Linux x86_64☆31Updated last year
- a demo module for the kaine agent to execute and inject assembly modules☆38Updated 7 months ago
- Header-only C++ library for producing PE files.☆31Updated last year
- A set of LLVM and GCC based plugins that perform code obfuscation.☆121Updated 3 weeks ago
- ☆21Updated 11 months ago
- An improved version of Patch Guard that I implemented, that includes integrity checks and other protection mechanisms I added.☆34Updated this week
- A few examples of how to trap virtual memory access on Windows.☆29Updated 3 months ago
- SoulExtraction is a windows driver library for extracting cert information in windows drivers☆22Updated 2 years ago
- doesnt work and wont work on it anymore☆10Updated 8 months ago
- ☆37Updated last year
- ☆37Updated last month
- Reimplement CreateProcessInternalW via Windows 10 20H1+/Windows 11 Base on NtCreateUserProcess-Post☆56Updated 7 months ago
- ☆17Updated last month