vmcall / owned_alignment
Hooking kernel functions by abusing alignment
☆240Updated 4 years ago
Alternatives and similar repositories for owned_alignment:
Users that are interested in owned_alignment are comparing it to the libraries listed below
- a more stable & secure read/write virtual memory for kernel mode drivers☆164Updated 5 years ago
- The program draws with win32k gdi functions in the kernel while NtGdiDdDDISubmitCommand is being hooked.☆282Updated 4 years ago
- Proof of concept on how to bypass some limitations of a manual mapped driver☆168Updated 4 years ago
- Module extending manual mapper☆324Updated 4 years ago
- Emulate Drivers in RING3 with self context mapping or unicorn☆330Updated 2 years ago
- C++17 PE manualmapper☆329Updated 3 years ago
- 09/2021 reversal of EasyAntiCheat driver☆212Updated 3 years ago
- Intercepting DeviceControl via WPP☆131Updated 5 years ago
- ☆139Updated 4 years ago
- driver mapper / capcom wrapper☆219Updated 5 years ago
- An Injector that can inject dll into game process protected by anti cheat using SetWindowsHookEx.☆242Updated 5 years ago
- ☆163Updated 7 years ago
- A customizable process dumper.☆138Updated 5 years ago
- Stealthy UM <-> KM communication system without creating any system threads, permanent hooks, driver objects, section objects or device o…☆370Updated 11 months ago
- manually map driver for a signed driver memory space☆149Updated 4 years ago
- ☆153Updated 5 years ago
- Kernel Inject DLL☆343Updated last year
- A library to manipulate physical memory from usermode.☆291Updated last year
- Kernel mode bypass for BattlEye, EAC☆186Updated last year
- A mapper that maps shellcode into loaded large page drivers☆259Updated 2 years ago
- Vectored Exception Handling Hooking Class☆151Updated 6 years ago
- Easy Anti PatchGuard☆217Updated 3 years ago
- Windows kernel samples☆247Updated 5 years ago
- Minimalistic AMD-V/SVM hypervisor with memory introspection capabilities☆235Updated 2 weeks ago
- ☆183Updated 5 years ago
- SimpleSvmHook is a research purpose hypervisor for Windows on AMD processors.☆373Updated 4 years ago
- Windows inline hooking tool.☆249Updated 6 years ago
- Rendering on external windows via hijacking thread contexts☆381Updated 4 years ago
- This DKOM exploit enables any app in usermode to access physical memory directly☆220Updated 7 years ago
- Manual mapper that uses PTE manipulation, Virtual Address Descriptor (VAD) manipulation, and forceful memory allocation to hide executabl…☆309Updated 3 years ago