Demonstrate calling a kernel function and handling a process creation callback against HVCI
☆83 Dec 21, 2022 Updated 3 years ago
Alternatives and similar repositories for malk
Users that are interested in malk are comparing it to the libraries listed below.
- Demo to show how to write an ALPC Client & Server using native Ntdll.dll syscalls. ☆21 Jan 25, 2022 Updated 4 years ago
- Bypassing kernel patch protection at runtime ☆22 Feb 19, 2023 Updated 3 years ago
- ☆31 Mar 9, 2024 Updated 2 years ago
- A demonstration of hooking into the VMProtect-2 virtual machine ☆24 Nov 9, 2023 Updated 2 years ago
- It's a driver injector or driver loader header lib (Windows) ☆12 Aug 5, 2023 Updated 2 years ago
- An advanced DKOM for drivers with "DRIVER_OBJECT" ☆23 Feb 19, 2023 Updated 3 years ago
- Provides commands to read from and write to arbitrary kernel-mode memory for users with the Administrator privilege. HVCI compatible. No … ☆24 Jun 16, 2024 Updated last year
- Hooking Windows' exception dispatcher to protect process's PML4 ☆242 Jan 24, 2025 Updated last year
- Enumerate various traits from Windows processes as an aid to threat hunting ☆201 Jan 13, 2022 Updated 4 years ago
- ☆18 Mar 28, 2023 Updated 3 years ago
- The Windbg extensions to study Hyper-V on Intel and AMD processors. ☆173 Feb 10, 2026 Updated 2 months ago
- Bypassing PatchGuard on modern x64 systems ☆267 Apr 9, 2023 Updated 3 years ago
- ☆10 Apr 19, 2026 Updated 2 weeks ago
- base for testing ☆189 Sep 28, 2024 Updated last year
- A library to develop kernel level Windows payloads for post HVCI era ☆503 May 18, 2021 Updated 4 years ago
- ☆23 May 8, 2023 Updated 2 years ago
- An example code of CiGetCertPublisherName ☆16 Mar 24, 2022 Updated 4 years ago
- ☆198 Jul 29, 2024 Updated last year
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard ☆267 Aug 31, 2022 Updated 3 years ago
- Hijack NotifyRoutine for a kernelmode thread ☆41 Jun 4, 2022 Updated 3 years ago
- Reversed WintaPix Malware Source code | That targets countries in the Middle East and abuse KeServiceDescriptorTable (SSDT), persistence a… ☆22 Jul 6, 2024 Updated last year
- Research on Windows Kernel Executive Callback Objects ☆318 Feb 22, 2020 Updated 6 years ago
- ☆70 Feb 6, 2025 Updated last year
- Tool to dump EFI runtime drivers. ☆39 Feb 23, 2024 Updated 2 years ago
- Admin to Kernel code execution using the KSecDD driver ☆265 Apr 19, 2024 Updated 2 years ago
- Browse Page Tables on Windows (Page Table Viewer) ☆238 Apr 2, 2022 Updated 4 years ago
- ☆52 Aug 23, 2022 Updated 3 years ago
- Leveraging TPM2 TCG Logs (Measured Boot) to Detect UEFI Drivers and Pre-Boot Applications ☆21 Mar 28, 2025 Updated last year
- POC Hook of nt!HvcallCodeVa ☆55 May 8, 2023 Updated 2 years ago
- ☆18 Feb 6, 2019 Updated 7 years ago
- ☆68 Aug 31, 2021 Updated 4 years ago
- Infect Shared Files In Memory for Lateral Movement ☆191 Dec 14, 2022 Updated 3 years ago
- HyperDeceit is the ultimate all-in-one library that emulates Hyper-V for Windows, giving you the ability to intercept and manipulate oper… ☆381 Jun 3, 2023 Updated 2 years ago
- Achieve arbitrary kernel read/writes/function calling in Hypervisor-Protected Code Integrity (HVCI) protected environments calling withou… ☆270 Mar 16, 2026 Updated last month
- Finding Truth in the Shadows ☆127 Jan 26, 2023 Updated 3 years ago
- A library to assist with memory & code protection. ☆66 Mar 7, 2024 Updated 2 years ago
- Exploiting the KsecDD Windows driver through Server Silos ☆79 Nov 11, 2024 Updated last year
- Resolve DOS MZ executable symbols at runtime ☆96 Nov 12, 2021 Updated 4 years ago
- Retrieve pointers to undocumented kernel functions and offsets to members within undocumented structures to use in your driver by using t… ☆65 Jun 19, 2019 Updated 6 years ago