void-stack / Hypervisor-DetectionLinks
Detects virtual machines and malware analysis environments
☆130Updated 2 years ago
Alternatives and similar repositories for Hypervisor-Detection
Users that are interested in Hypervisor-Detection are comparing it to the libraries listed below
Sorting:
- Demystifying PatchGuard is a comprehensive analysis of Microsoft's security feature called PatchGuard, which is designed to prevent unaut…☆122Updated 2 years ago
- Unknowncheats Magically Optimized Tidy Mapper using nvaudio☆128Updated last year
- ☆120Updated last year
- DSE & PG bypass via BYOVD attack☆51Updated last year
- manual map unsigned driver over signed memory☆196Updated last year
- load unsigned kernel-driver by patching dse in 248 lines☆124Updated last year
- Windows 10 DLL Injector via Driver utilizing VAD and hiding the loaded driver☆172Updated last year
- Kernel driver for detecting Intel VT-x hypervisors.☆188Updated last year
- x64 Windows kernel driver mapper, inject unsigned driver using anycall☆160Updated last year
- SMM driver/rootkit for platform memory access with R3 <-> R0 <-> R-2 communication.☆88Updated 8 months ago
- Kernel Level NMI Callback Blocker☆99Updated 9 months ago
- A Hyper-V Hacking Framework For Windows 10 x64 (AMD & Intel)☆70Updated last year
- Example of reading process memory through kernel special APC☆107Updated 2 years ago
- Bypassing PatchGuard on modern x64 systems☆261Updated 2 years ago
- Detect-KeAttachProcess by iterating through all processes as well as checking the context of the thread.☆113Updated 3 years ago
- An x86-64 code virtualizer for VM based obfuscation☆123Updated 6 months ago
- Hooking Windows' exception dispatcher to protect process's PML4☆178Updated 5 months ago
- Inline syscalls made for MSVC supporting x64 and WOW64☆181Updated last year
- Forked LLVM focused on MSVC Compatibility. This version is designed for windows users☆104Updated 2 months ago
- A simple tool to assemble shellcode ready to be copy-pasted into code☆68Updated 3 years ago
- ☆138Updated 2 years ago
- Use RTCore64 to map your driver on windows 11.☆119Updated last month
- Obfuscate calls to imports by patching in stubs☆69Updated 3 years ago
- Kernel DLL Injector using NX Bit Swapping and VAD hide for hiding injected DLL☆216Updated 4 years ago
- nmi stackwalking + module verification☆124Updated last year
- PoC Anti-Rootkit/Anti-Cheat Driver.☆201Updated 2 months ago
- CVE-2022-3699 with arbitrary kernel code execution capability☆71Updated 2 years ago
- Experiment with PAGE_GUARD protection to hide memory from other processes☆46Updated last year
- A devirtualization engine for Themida.☆100Updated last year
- DSE bypass using a leaked cert and adjusting the current clock.☆151Updated 2 years ago