whitephone / Windows-RootkitsLinks
☆26Updated 7 years ago
Alternatives and similar repositories for Windows-Rootkits
Users that are interested in Windows-Rootkits are comparing it to the libraries listed below
Sorting:
- map driver to memory☆26Updated 6 years ago
- Protected Process Light Library☆18Updated 5 years ago
- For Example. See Miro's Blog☆30Updated 2 years ago
- intel vt-x hypervisor ept☆25Updated 5 years ago
- windows rpc 使用MIDL+RPC实现HelloWorld☆23Updated 7 years ago
- 粗暴地枚举管理内核的WFP对象。 Manage kernel WFPs in a brutal way.☆27Updated 7 years ago
- ☆35Updated 4 years ago
- Walks the Process' VAD list to grab the PTE's corresponding to a usermode virtual address, all to get the physical address☆24Updated 3 years ago
- Load Dll into Kernel space☆38Updated 2 years ago
- Driver Loader/BE Bypass/Win Malware(lol)☆34Updated 6 years ago
- PEBFake(修改PEB 伪装当前进程路径、参数等)☆51Updated 4 years ago
- x64 Kernel Hooks Detection☆24Updated 8 years ago
- a simple intel vt code both support x86 & x64. PatchGuard monitor.☆75Updated 3 years ago
- windows inlinehook R3 R0☆11Updated 7 years ago
- win32/x64 obfuscate framework☆32Updated 6 years ago
- ☆24Updated 6 years ago
- Polymorphic Stub Creator☆33Updated 8 years ago
- x86/x64 dll injector☆30Updated 3 years ago
- Rookit and anti rookit on Windows platform☆12Updated last year
- using gpuz to load driver☆34Updated 6 years ago
- EtwHook for win7-win11;☆20Updated 2 years ago
- kernel-mode TDI client which can send and receive HTTP requests☆55Updated 7 years ago
- 大表哥的Syscall-Monitor☆34Updated 5 years ago
- fork HoShiMin Avanguard☆20Updated 6 years ago
- Simple header only library to change return address on current stack frame.☆24Updated 8 years ago
- Скрытие строки от отладчиков и декомпиляторов☆50Updated 5 years ago
- Example of hijacking system calls via function pointer tables☆31Updated 3 years ago
- A kernel mode Windows rootkit in development.☆49Updated 3 years ago
- What makes it page☆17Updated 2 years ago
- ☆27Updated 2 years ago