vmcall / owned_alignmentLinks
Hooking kernel functions by abusing alignment
☆241Updated 4 years ago
Alternatives and similar repositories for owned_alignment
Users that are interested in owned_alignment are comparing it to the libraries listed below
Sorting:
- a more stable & secure read/write virtual memory for kernel mode drivers☆164Updated 5 years ago
- The program draws with win32k gdi functions in the kernel while NtGdiDdDDISubmitCommand is being hooked.☆295Updated 5 years ago
- Module extending manual mapper☆335Updated 5 years ago
- Proof of concept on how to bypass some limitations of a manual mapped driver☆171Updated 4 years ago
- A library to manipulate physical memory from usermode.☆292Updated last year
- An Injector that can inject dll into game process protected by anti cheat using SetWindowsHookEx.☆243Updated 5 years ago
- manually map driver for a signed driver memory space☆157Updated 4 years ago
- 09/2021 reversal of EasyAntiCheat driver☆216Updated 3 years ago
- ☆167Updated 7 years ago
- Vectored Exception Handling Hooking Class☆158Updated 6 years ago
- driver mapper / capcom wrapper☆220Updated 5 years ago
- Windows kernel samples☆249Updated 6 years ago
- A customizable process dumper.☆142Updated 5 years ago
- C++17 PE manualmapper☆359Updated 3 years ago
- ☆153Updated 5 years ago
- Intercepting DeviceControl via WPP☆133Updated 5 years ago
- Minimalistic AMD-V/SVM hypervisor with memory introspection capabilities☆261Updated 3 months ago
- A mapper that maps shellcode into loaded large page drivers☆279Updated 3 years ago
- Emulate Drivers in RING3 with self context mapping or unicorn☆338Updated 2 years ago
- ☆143Updated 4 years ago
- ☆185Updated 6 years ago
- Stealthy UM <-> KM communication system without creating any system threads, permanent hooks, driver objects, section objects or device o…☆376Updated last year
- Handle elevation DKOM against ObRegisterCallbacks☆301Updated 6 years ago
- Kernel Inject DLL☆345Updated 2 years ago
- Simple code to manipulate the memory of a usermode process from kernel.☆275Updated 8 years ago
- Rendering on external windows via hijacking thread contexts☆392Updated 4 years ago
- Elevate a process to be a protected process☆150Updated 5 years ago
- Manual mapper that uses PTE manipulation, Virtual Address Descriptor (VAD) manipulation, and forceful memory allocation to hide executabl…☆325Updated 3 years ago
- This DKOM exploit enables any app in usermode to access physical memory directly☆223Updated 7 years ago
- Loads a signed kernel driver which allows you to map any driver to kernel mode without any traces of the signed / mapped driver.☆339Updated 3 years ago