void-stack / Hypervisor-Detection
Detects virtual machines and malware analysis environments
☆126Updated 2 years ago
Alternatives and similar repositories for Hypervisor-Detection:
Users that are interested in Hypervisor-Detection are comparing it to the libraries listed below
- Unknowncheats Magically Optimized Tidy Mapper using nvaudio☆121Updated 10 months ago
- Demystifying PatchGuard is a comprehensive analysis of Microsoft's security feature called PatchGuard, which is designed to prevent unaut…☆118Updated last year
- An x86-64 code virtualizer for VM based obfuscation☆116Updated 4 months ago
- DSE & PG bypass via BYOVD attack☆50Updated last year
- Example of reading process memory through kernel special APC☆103Updated 2 years ago
- manual map unsigned driver over signed memory☆186Updated last year
- Forked LLVM focused on MSVC Compatibility. This version is designed for windows users☆94Updated 3 weeks ago
- Windows 10 DLL Injector via Driver utilizing VAD and hiding the loaded driver☆167Updated last year
- r/w virtual memory without attach☆167Updated last year
- ☆132Updated 2 years ago
- Use RTCore64 to map your driver on windows 11.☆105Updated 2 months ago
- Bypassing PatchGuard on modern x64 systems☆257Updated 2 years ago
- Kernel driver for detecting Intel VT-x hypervisors.☆182Updated last year
- VMProtect, VMP, Devirter, 3,5☆106Updated 2 years ago
- A devirtualization engine for Themida.☆100Updated last year
- Shows an example of how to implement VT-d/AMD-Vi on Windows☆106Updated last year
- Experiment with PAGE_GUARD protection to hide memory from other processes☆44Updated 10 months ago
- x64 Windows kernel driver mapper, inject unsigned driver using anycall☆149Updated last year
- Kernel DLL Injector using NX Bit Swapping and VAD hide for hiding injected DLL☆212Updated 4 years ago
- Inline syscalls made for MSVC supporting x64 and WOW64☆179Updated last year
- A simple tool to assemble shellcode ready to be copy-pasted into code☆69Updated 2 years ago
- PoC Anti-Rootkit/Anti-Cheat Driver.☆189Updated 7 months ago
- ☆199Updated 2 years ago
- driver manual mapper powered by https://github.com/estimated1337/lenovo_exec☆110Updated 2 years ago
- 从MmPfnData中枚举进程和页目录基址☆167Updated last year
- TS-Changer - Forces the machine in/out of TestSigning Mode at runtime.☆66Updated last year
- Using Windows' own bootloader as a shim to bypass Secure Boot☆169Updated 9 months ago
- ntoskrnl .data hooks for UM-KM communication☆40Updated 10 months ago
- Virtual and physical memory hacking library using gigabyte vulnerable driver☆71Updated 2 years ago
- ☆73Updated last year