KVC enables unsigned driver loading via DSE bypass (g_CiOptions patch, skci.dll hijack, SeCiCallbacks redirection) and PP/PPL manipulation for LSASS memory dumping on modern Windows with HVCI/VBS.
☆168Feb 26, 2026Updated this week
Alternatives and similar repositories for kvc
Users that are interested in kvc are comparing it to the libraries listed below
Sorting:
- Prevent in-process process termination by patching exit APIs☆63Nov 9, 2025Updated 3 months ago
- kASLR bypass technique on Intel CPUs.☆32May 18, 2025Updated 9 months ago
- anti cheat drv open source☆19Apr 18, 2024Updated last year
- ☆108Aug 21, 2024Updated last year
- Fast Windows post-exploitation wins after initial access.☆29Jan 28, 2026Updated last month
- A C++ proof of concept demonstrating the exploitation of Windows Protected Process Light (PPL) by leveraging COM-to-.NET redirection and …☆334Mar 6, 2025Updated 11 months ago
- sideloading PoC using onedrive.exe & version.dll☆91Oct 30, 2025Updated 4 months ago
- A working version of this tutorial: https://docs.microsoft.com/en-us/windows/desktop/rpc/tutorial☆16Jun 22, 2019Updated 6 years ago
- poc for cve-2025-53772☆46Dec 10, 2025Updated 2 months ago
- A Windows tool that converts LDIF files to BloodHound CE☆27Dec 20, 2025Updated 2 months ago
- Ryūjin Protector - Is a Intel Arch - BIN2BIN - PE Obfuscation/Protection/DRM tool☆303Nov 20, 2025Updated 3 months ago
- A C and Go /proc/pid/maps cloak of invisibilty for shared object files☆21Nov 19, 2025Updated 3 months ago
- ☆11Jan 8, 2022Updated 4 years ago
- ☆159May 5, 2025Updated 9 months ago
- A basic implementation of Patch Guard that I implemented, that includes integrity checks and other protection mechanisms I added.☆78Mar 29, 2025Updated 11 months ago
- Reflective DLL Injection Made Bella☆249Jan 6, 2025Updated last year
- ☆14May 9, 2017Updated 8 years ago
- A tracker DLL which enables 'NTAPI->Syscall' tracking whenever it is loaded. It calls 'NtSetInformationProcess' API call with a callback …☆14Oct 21, 2024Updated last year
- Evade behavioral analysis by executing malicious code within trusted Microsoft call stacks, patchless hooking library IAT/EAT.☆131Dec 8, 2025Updated 2 months ago
- A tool designed to hook into Windows applications and output named (and anonymous?) pipe traffic.☆15Feb 27, 2024Updated 2 years ago
- Proof of Concept for manipulating the Kernel Callback Table in the Process Environment Block (PEB) to perform process injection and hijac…☆272Oct 31, 2024Updated last year
- A simple C++ Windows tool to get information about processes exposing named pipes.☆40Mar 6, 2025Updated 11 months ago
- A portable C# utility for enumerating local and remote windows sessions☆56Jan 1, 2026Updated 2 months ago
- A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.☆409Jan 11, 2026Updated last month
- Dynamically resolve API function addresses at runtime in a secure manner.☆72Nov 11, 2025Updated 3 months ago
- A work in progress BOF/COFF loader in Rust☆50Mar 22, 2023Updated 2 years ago
- Anti-Rootkit/Anti-Cheat Driver to uncover unbacked or hidden kernel code.☆297Dec 10, 2025Updated 2 months ago
- Generate backdoored RSA keys using SETUP☆234Dec 1, 2025Updated 3 months ago
- ☆61Oct 24, 2025Updated 4 months ago
- Abusing DDMA alongside Copy On Write for Cross Process Code Execution for a 3000$ Bug Bounty☆88Feb 1, 2026Updated last month
- MalwareScan is a lightweight and fast malware scanner written in Python. It supports both Windows and Linux platforms and provides an ope…☆13Jun 2, 2025Updated 9 months ago
- Minimalistic HTTP(S) client for the NT kernel☆62Dec 1, 2025Updated 3 months ago
- IAT-Obfuscation to make static analysis of executable harder.☆44Sep 6, 2021Updated 4 years ago
- A Windows Named Pipe Multi-tool / Proxy☆300Dec 7, 2025Updated 2 months ago
- Proof of concepts demonstrating some aspects of the Windows kernel shadow stack mitigation.☆54Jun 2, 2025Updated 9 months ago
- Windows 11 kernel research framework demonstrating DSE bypass on Windows 11 25H2 through boot-time execution. Loads unsigned drivers by s…☆82Dec 22, 2025Updated 2 months ago
- PIC shellcode (C/C++) development toolkit designed for malware developers.☆122Dec 23, 2025Updated 2 months ago
- 这篇文章的目的是介绍一款实验性项目基于COM命名管道或者Windows Hyper-V虚拟机Vmbus通道实现的运行在uefi上的windbg调试引擎开发心得☆44Jun 16, 2024Updated last year
- Threadless shellcode injection tool☆68Aug 5, 2024Updated last year