vmcall / latebrosLinks
x64 usermode rootkit
☆205Updated 7 years ago
Alternatives and similar repositories for latebros
Users that are interested in latebros are comparing it to the libraries listed below
Sorting:
- PE permutation library☆273Updated 2 years ago
- Detecting execution of kernel memory where is not backed by any image file☆258Updated 6 years ago
- Import address table (IAT) hooking is a well documented technique for intercepting calls to imported functions.☆219Updated 6 years ago
- driver mapper / capcom wrapper☆220Updated 5 years ago
- PatchGuard Research☆301Updated 6 years ago
- RootKit & Cheat Scanner - Windows☆218Updated 5 years ago
- C++17 PE manualmapper☆359Updated 3 years ago
- Kernel Detective☆145Updated 2 years ago
- ☆167Updated 7 years ago
- Detect manualmapped images remotely, without hassle☆154Updated 7 years ago
- Translates WinDbg "dt" structure dump to a C structure☆126Updated 8 years ago
- Asynchronous Procedure Calls☆230Updated 4 years ago
- ☆153Updated 5 years ago
- windows kernelmode and usermode IAT hook☆147Updated 4 years ago
- Hypervisor based tool for monitoring system register accesses.☆146Updated 6 years ago
- BattlEye x64 usermode injector☆65Updated 6 years ago
- Hide Driver By MiProcessLoaderEntry☆285Updated 6 years ago
- Elevate a process to be a protected process☆150Updated 5 years ago
- Simple code to manipulate the memory of a usermode process from kernel.☆275Updated 8 years ago
- BattlEye BEClient<->BEService usermode emulator☆83Updated 5 years ago
- This DKOM exploit enables any app in usermode to access physical memory directly☆223Updated 7 years ago
- Simple VM based x86 PE (portable exectuable) protector.☆347Updated 10 years ago
- Multi-purpose proof-of-concept tool based on CPU-Z CVE-2017-15303☆109Updated 7 years ago
- disable most common windowsx64 systems patchguard☆85Updated 6 years ago
- Hooking kernel functions by abusing alignment☆241Updated 4 years ago
- Exploiting CPU-Z Driver To Turn Load Unsigned Drivers☆128Updated 7 years ago
- Capcom wrapper with safety in mind.☆79Updated 7 years ago
- ChimeraPE (a PE injector type - alternative to: RunPE, ReflectiveLoader, etc) - a template for manual loading of EXE, loading imports pay…☆224Updated 2 years ago
- Hooking SSDT with Avast Internet Security Hypervisor☆117Updated 6 years ago
- usermode standalone kernel interface☆111Updated 6 years ago