vmctx / guardian-rs
x86-64 code/pe virtualizer
☆151, updated last month
Related projects:
- x86-64 virtualizing obfuscator written in Rust (☆57, updated 10 months ago)
- Minimalistic AMD-V/SVM hypervisor with memory introspection capabilities (☆168, updated 3 months ago)
- Demo proof of concept for shadow regions, and implementation of HyperDeceit. (☆260, updated last year)
- Kernel driver for detecting Intel VT-x hypervisors. (☆167, updated last year)
- A proof of concept demonstrating instrumentation callbacks on Windows 10 21h1 with a TLS variable to ensure all syscalls are caught. (☆111, updated 2 years ago)
- compile-time control flow obfuscation using mba (☆172, updated last year)
- Debugger Anti-Detection Benchmark (☆283, updated 9 months ago)
- Rusty Hypervisor - Windows UEFI Blue Pill Type-1 Hypervisor in Rust (Codename: Illusion) (☆222, updated 2 weeks ago)
- A devirtualization engine for Themida. (☆81, updated 6 months ago)
- Browse Page Tables on Windows (Page Table Viewer) (☆178, updated 2 years ago)
- C++ library for parsing and manipulating PE files statically and dynamically. (☆82, updated 11 months ago)
- Native code virtualizer for x64 binaries (☆355, updated this week)
- (☆135, updated 3 years ago)
- Deobfuscation via optimization with usage of LLVM IR and parsing assembly. (☆308, updated last week)
- Memory hacking library powered by AMD SVM (☆290, updated last year)
- x86 PE Mutator (☆211, updated last year)
- Bootkit for Windows Sandbox to disable DSE/PatchGuard. (☆251, updated 2 years ago)
- load unsigned kernel-driver by patching dse in 248 lines (☆96, updated 5 months ago)
- x64 Windows kernel code execution via user-mode, arbitrary syscall, vulnerable IOCTLs demonstration (☆214, updated 2 years ago)
- Achieve arbitrary kernel read/writes/function calling in Hypervisor-Protected Code Integrity (HVCI) protected environments calling withou… (☆151, updated 2 months ago)
- [WIP] A forked version of LLVM that prioritizes MSVC compatibility. This version is tailored for Windows users. (☆200, updated this week)
- Global user-mode hooking framework, based on AppInit_DLLs. The goal is to allow you to rapidly develop hooks to inject in an arbitrary pr… (☆156, updated 2 years ago)
- State of the art DLL injector that took 20 minutes to make (☆195, updated last year)
- Hygieia, a vulnerable driver traces scanner written in C++ as an x64 Windows kernel driver. (☆133, updated 2 years ago)
- (☆212, updated last week)
- Check your detection vectors (☆132, updated last year)
- Load your driver like win32k.sys (☆242, updated 2 years ago)
- (☆137, updated this week)
- unorthodox approach to analyze a trace, but this helped me get comfy with x64 instructions overall (excluding sse/avx/etc lol), cleared u… (☆49, updated 7 months ago)
- VM devirtualization PoC based on AsmJit and llvm (☆102, updated 3 years ago)