vmctx / guardian-rsLinks
x86-64 code/pe virtualizer
☆188Updated 6 months ago
Alternatives and similar repositories for guardian-rs
Users that are interested in guardian-rs are comparing it to the libraries listed below
Sorting:
- Collection of hypervisor detections☆236Updated 8 months ago
- x86-64 virtualizing obfuscator written in Rust☆77Updated last year
- An x86-64 Code Virtualizer☆262Updated 8 months ago
- Hooking Windows' exception dispatcher to protect process's PML4☆174Updated 4 months ago
- compile-time control flow obfuscation using mba☆185Updated last year
- Demo proof of concept for shadow regions, and implementation of HyperDeceit.☆279Updated 2 years ago
- ☆206Updated this week
- Kernel driver for detecting Intel VT-x hypervisors.☆184Updated last year
- Rusty Hypervisor - Windows UEFI Blue Pill Type-1 Hypervisor in Rust (Codename: Illusion)☆263Updated 9 months ago
- Achieve arbitrary kernel read/writes/function calling in Hypervisor-Protected Code Integrity (HVCI) protected environments calling withou…☆203Updated 7 months ago
- C++ macro for x64 programs that breaks ida hex-rays decompiler tool.☆116Updated last year
- Native code virtualizer for x64 binaries☆483Updated 5 months ago
- Debugger Anti-Detection Benchmark☆333Updated last year
- Minimalistic AMD-V/SVM hypervisor with memory introspection capabilities☆262Updated 3 months ago
- x86 PE Mutator☆219Updated 2 years ago
- A proof of concept demonstrating instrumentation callbacks on Windows 10 21h1 with a TLS variable to ensure all syscalls are caught.☆136Updated 3 years ago
- Browse Page Tables on Windows (Page Table Viewer)☆202Updated 3 years ago
- ☆289Updated 3 weeks ago
- A devirtualization engine for Themida.☆100Updated last year
- Crashes ida on static analyses.☆106Updated last month
- Makes IDA (most versions) to crash upon opening it.☆88Updated 9 months ago
- manual map unsigned driver over signed memory☆187Updated last year
- ☆44Updated 2 years ago
- x64 Windows kernel code execution via user-mode, arbitrary syscall, vulnerable IOCTLs demonstration☆322Updated 2 years ago
- ☆143Updated 4 years ago
- C++ library for parsing and manipulating PE files statically and dynamically.☆87Updated last year
- State of the art DLL injector that took 20 minutes to make☆216Updated last year
- nmi stackwalking + module verification☆119Updated last year
- A mapper that maps shellcode into loaded large page drivers☆279Updated 3 years ago
- Bootkit for Windows Sandbox to disable DSE/PatchGuard.☆280Updated 7 months ago