vmcall / owned_alignmentLinks
Hooking kernel functions by abusing alignment
☆243Updated 4 years ago
Alternatives and similar repositories for owned_alignment
Users that are interested in owned_alignment are comparing it to the libraries listed below
Sorting:
- a more stable & secure read/write virtual memory for kernel mode drivers☆164Updated 5 years ago
- The program draws with win32k gdi functions in the kernel while NtGdiDdDDISubmitCommand is being hooked.☆302Updated 5 years ago
- Proof of concept on how to bypass some limitations of a manual mapped driver☆171Updated 4 years ago
- Module extending manual mapper☆338Updated 5 years ago
- An Injector that can inject dll into game process protected by anti cheat using SetWindowsHookEx.☆244Updated 6 years ago
- Intercepting DeviceControl via WPP☆134Updated 5 years ago
- A customizable process dumper.☆142Updated 5 years ago
- 09/2021 reversal of EasyAntiCheat driver☆219Updated 3 years ago
- C++17 PE manualmapper☆360Updated 3 years ago
- Vectored Exception Handling Hooking Class☆159Updated 6 years ago
- driver mapper / capcom wrapper☆220Updated 5 years ago
- ☆168Updated 7 years ago
- ☆145Updated 4 years ago
- Windows kernel samples☆253Updated 6 years ago
- ☆153Updated 5 years ago
- A mapper that maps shellcode into loaded large page drivers☆283Updated 3 years ago
- Kernel LdrLoadDll injector☆260Updated 6 years ago
- Easy Anti PatchGuard☆221Updated 4 years ago
- manually map driver for a signed driver memory space☆160Updated 4 years ago
- Stealthy UM <-> KM communication system without creating any system threads, permanent hooks, driver objects, section objects or device o…☆377Updated last year
- Loads a signed kernel driver which allows you to map any driver to kernel mode without any traces of the signed / mapped driver.☆343Updated 3 years ago
- Emulate Drivers in RING3 with self context mapping or unicorn☆341Updated 2 years ago
- ☆181Updated 3 years ago
- Minimalistic AMD-V/SVM hypervisor with memory introspection capabilities☆280Updated 3 months ago
- Rendering on external windows via hijacking thread contexts☆393Updated 4 years ago
- A library to manipulate physical memory from usermode.☆294Updated last year
- Elevate a process to be a protected process☆150Updated 5 years ago
- Kernel Inject DLL☆345Updated 2 years ago
- Kernel-Mode Driver that loads a dll into every new created process that loads kernel32.dll module☆417Updated 6 years ago
- This is a source to a bypass i made for some games, for now this should work f or VAC, BE and EAC. The only downside is that you will nee…☆183Updated 4 years ago