Windows 11 kernel research framework demonstrating DSE bypass on Windows 11 25H2 through boot-time execution. Loads unsigned drivers by surgically patching SeCiCallbacks via native subsystem. Includes anti-loop protection and dual-path architecture.
☆82 · Dec 22, 2025 · Updated 2 months ago
Alternatives and similar repositories for KernelResearchKit
Users that are interested in KernelResearchKit are comparing it to the libraries listed below
- LibWinHttp is a simplified WinHTTP wrapper designed as a Crystal Palace shared library for implant development. Its primary purpose is to… ☆41 · Nov 4, 2025 · Updated 3 months ago
- sigreturn-oriented programming (SROP) based sleep obfuscation poc for Linux ☆66 · Dec 15, 2025 · Updated 2 months ago
- Resolve offsets, gadgets and symbols from NTKernel ☆56 · Jan 15, 2026 · Updated last month
- Selective In-Memory Syscall Unhooking, a stealthy method to bypass user-mode hooks in ntdll.dll ☆25 · Jul 9, 2025 · Updated 7 months ago
- Control Flow Linearization ☆25 · May 4, 2025 · Updated 9 months ago
- Minimalistic HTTP(S) client for the NT kernel ☆62 · Dec 1, 2025 · Updated 2 months ago
- kASLR bypass technique on Intel CPUs. ☆32 · May 18, 2025 · Updated 9 months ago
- Some fixes for debugging Windows with Windbg in Exdi mode ☆21 · Aug 25, 2023 · Updated 2 years ago
- Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1. ☆104 · Feb 25, 2025 · Updated last year
- Monitor Kernel pool allocations tags ☆77 · Nov 2, 2023 · Updated 2 years ago
- "Giant Hard" (Chinese slang nickname for Microsoft) ☆17 · Oct 4, 2023 · Updated 2 years ago
- https://www.huorong.cn/ ☆15 · Apr 16, 2024 · Updated last year
- Windows kernel driver that detects hypervisors by probing SIDT/LIDT edge cases, paging/TLB behaviors, privilege transitions, and timing e… ☆36 · Dec 17, 2025 · Updated 2 months ago
- 🔬 IDA plugin to find patched memory ☆83 · Jan 13, 2026 · Updated last month
- Implementing Ghostly-Hollowing using tampered syscalls for remote PE injection ☆70 · Dec 26, 2025 · Updated 2 months ago
- partially disable patchguard up to win11 21H2 ☆19 · Jun 3, 2024 · Updated last year
- Emulate Drivers in RING3 with self context mapping or unicorn ☆21 · Jan 1, 2025 · Updated last year
- A portable C# utility for enumerating local and remote windows sessions ☆55 · Jan 1, 2026 · Updated last month
- Using the peculiar behaviour of the VPGATHER instructions to determine if an address will fault before it is truly accessed. All done in … ☆54 · Dec 30, 2025 · Updated 2 months ago
- nmi stackwalking + module verification ☆162 · Dec 28, 2023 · Updated 2 years ago
- Create stealthy, inline, EPT-like hooks using SMAP and SMEP ☆61 · Oct 19, 2024 · Updated last year
- Change hash for a signed pe ☆17 · Jul 18, 2023 · Updated 2 years ago
- Abusing DDMA alongside Copy On Write for Cross Process Code Execution for a 3000$ Bug Bounty ☆88 · Feb 1, 2026 · Updated 3 weeks ago
- ☆94 · Oct 25, 2025 · Updated 4 months ago
- PIC shellcode (C/C++) development toolkit designed for malware developers. ☆121 · Dec 23, 2025 · Updated 2 months ago
- Kernel memory can be read symbolically in non-test mode. ☆109 · Sep 1, 2022 · Updated 3 years ago
- Usermode NT Explorer - Query kernel addresses, translate virtual to physical addresses, inspect the PFN database, and more. ☆72 · Jan 27, 2026 · Updated last month
- ntos shit ☆30 · Feb 15, 2024 · Updated 2 years ago
- stack based arithmetic only virtual machine (VM) executes bytecode instructions to perform various basic arithmetic operations and manage… ☆27 · Mar 19, 2025 · Updated 11 months ago
- ☆42 · Feb 18, 2025 · Updated last year
- Experiment to use sections as User/Kernelmode comm vector ☆22 · Apr 7, 2023 · Updated 2 years ago
- ☆108 · Aug 21, 2024 · Updated last year
- View Windows System in action ☆45 · Aug 3, 2025 · Updated 6 months ago
- A tool that supports finding and abusing whitelisted programs to allow arbitrary file writing into the executable folder of Antivirus sof… ☆81 · Nov 1, 2025 · Updated 3 months ago
- Evasive loader to bypass static detection ☆60 · Jan 15, 2024 · Updated 2 years ago
- This article shares development notes on an experimental project: a windbg debugging engine that runs on uefi, implemented over a COM named pipe or the Windows Hyper-V virtual machine Vmbus channel ☆44 · Jun 16, 2024 · Updated last year
- windows kernel pagehook ☆41 · Oct 30, 2022 · Updated 3 years ago
- BOF to decrypt Signal Desktop chat logs ☆71 · Feb 20, 2025 · Updated last year
- A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles. ☆66 · May 2, 2023 · Updated 2 years ago