Detects virtual machines and malware analysis environments
β146Oct 18, 2022Updated 3 years ago
Alternatives and similar repositories for Hypervisor-Detection
Users that are interested in Hypervisor-Detection are comparing it to the libraries listed below
Sorting:
- Kernel driver for detecting Intel VT-x hypervisors.β197Jul 11, 2023Updated 2 years ago
- πͺ Various EPT hook detection approachesβ143Updated this week
- Windows kernel driver that detects hypervisors by probing SIDT/LIDT edge cases, paging/TLB behaviors, privilege transitions, and timing eβ¦β36Dec 17, 2025Updated 2 months ago
- kernel mode anti cheatβ637Aug 4, 2024Updated last year
- A mapper that maps shellcode into loaded large page driversβ324Apr 26, 2022Updated 3 years ago
- A simple python script to check evil Visual Studio projectsβ21Oct 13, 2023Updated 2 years ago
- a monitoring windows driver calls kernel api toolsβ126Jul 5, 2024Updated last year
- Me fockin' pe protectorβ45Nov 19, 2022Updated 3 years ago
- Collection of hypervisor detectionsβ296Sep 25, 2024Updated last year
- EDR PoC WIP LLCβ10Feb 9, 2024Updated 2 years ago
- Browse Page Tables on Windows (Page Table Viewer)β234Apr 2, 2022Updated 3 years ago
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuardβ268Aug 31, 2022Updated 3 years ago
- Cheat for my own game SecureGame which uses a bootkit to hyperjack Hyper-V in order to access VBS enclave's memoryβ103Dec 8, 2024Updated last year
- A demonstration of hooking into the VMProtect-2 virtual machineβ24Nov 9, 2023Updated 2 years ago
- Executes Read/Write process memory with `NtQueryCompositionSurfaceStatistics`β23Feb 10, 2024Updated 2 years ago
- etw hook (syscall/infinity hook) compatible with the latest Windows version of PGβ324Apr 27, 2024Updated last year
- β223Mar 11, 2023Updated 2 years ago
- protector & obfuscator & code virtualizerβ679Updated this week
- Anti-Rootkit/Anti-Cheat Driver to uncover unbacked or hidden kernel code.β297Dec 10, 2025Updated 2 months ago
- Recursive and arbitrary code execution at kernel-level without a system thread creationβ159Apr 13, 2023Updated 2 years ago
- Lightweight Intel VT-x Hypervisor.β661Dec 17, 2024Updated last year
- β360May 11, 2025Updated 9 months ago
- Loads a signed kernel driver which allows you to map any driver to kernel mode without any traces of the signed / mapped driver.β382Aug 8, 2021Updated 4 years ago
- A basic implementation of Patch Guard that I implemented, that includes integrity checks and other protection mechanisms I added.β78Mar 29, 2025Updated 10 months ago
- β307May 11, 2023Updated 2 years ago
- Example driver on how to use SKLibβ70Nov 20, 2024Updated last year
- Hardware IDβ66Apr 21, 2022Updated 3 years ago
- β18Jan 11, 2026Updated last month
- Standard Kernel Library for Windows manipulation in C++β199Jun 18, 2025Updated 8 months ago
- windows kernel pagehookβ41Oct 30, 2022Updated 3 years ago
- Reimplementation of Microsoft's Warbird obuscatorβ203Jun 24, 2024Updated last year
- How Meltdown and Spectre haunt Anti-Cheat: DVRT detailsβ22Aug 21, 2024Updated last year
- VMProtect, VMP, Devirter, 3,5β112Jan 30, 2023Updated 3 years ago
- Rusty Hypervisor - Windows UEFI Blue Pill Type-1 Hypervisor in Rust (Codename: Illusion)β340Aug 31, 2024Updated last year
- An x86-64 Code Virtualizerβ304Sep 26, 2024Updated last year
- Manual mapper that uses PTE manipulation, Virtual Address Descriptor (VAD) manipulation, and forceful memory allocation to hide executablβ¦β385Jan 29, 2022Updated 4 years ago
- Turn off PatchGuard in real time for win7 (7600) ~ laterβ1,037Apr 21, 2022Updated 3 years ago
- x64 Windows kernel code execution via user-mode, arbitrary syscall, vulnerable IOCTLs demonstrationβ386Jul 6, 2022Updated 3 years ago
- Demo proof of concept for shadow regions, and implementation of HyperDeceit.β314May 31, 2023Updated 2 years ago