bootkit驱动映射,三环进程注入加载指定模块
☆14Oct 8, 2024Updated last year
Alternatives and similar repositories for UGuardMap
Users that are interested in UGuardMap are comparing it to the libraries listed below
Sorting:
- A SOCKS5-configured syscall hook that allows transparent TCP proxying on Windows for IPv4 and IPv6.☆26Jul 9, 2021Updated 4 years ago
- My POC implementation of HVNC (Hidden VNC / Hidden Desktop)☆28Dec 30, 2024Updated last year
- Blocking Windows EDR agents by registering an own IPC-object in the Object Manager’s namespace (CVE-2023-3280, CVE-2024-5909, CVE-2024-20…☆35Feb 27, 2025Updated last year
- Clr Injection for x64 and x86. Inject C# into Managed or Unmanaged Processes.☆18Sep 7, 2024Updated last year
- ☆11Feb 19, 2023Updated 3 years ago
- wfp2socks☆11Sep 11, 2025Updated 5 months ago
- VTable dumper for IDA 7.7+☆18Jun 19, 2025Updated 8 months ago
- windows rootkit☆60May 2, 2024Updated last year
- ☆15Mar 13, 2023Updated 2 years ago
- An example code of CiGetCertPublisherName☆16Mar 24, 2022Updated 3 years ago
- https://www.huorong.cn/☆15Apr 16, 2024Updated last year
- Manually maps a DLL & replaces a target process's entry point.☆22Mar 1, 2025Updated last year
- ☆14Dec 3, 2022Updated 3 years ago
- partially disable patchguard up to win11 21H2☆19Jun 3, 2024Updated last year
- A working version of this tutorial: https://docs.microsoft.com/en-us/windows/desktop/rpc/tutorial☆16Jun 22, 2019Updated 6 years ago
- 一款linux下的安全产品目的是满足个人安全需求有SSH爆破防护和SYN攻击扫描防护功能,基于netfilter,☆23Dec 2, 2023Updated 2 years ago
- ☆45Sep 25, 2024Updated last year
- Windows kernel debugger for Linux hosts running Windows under KVM/QEMU☆132Feb 28, 2026Updated last week
- Another wow64ext to try to be compatible with WOW64 for all architectures.☆98Jan 1, 2026Updated 2 months ago
- ntoskrnl .data hooks for UM-KM communication☆54May 26, 2024Updated last year
- NovaHypervisor is a defensive x64 Intel host based hypervisor. The goal of this project is to protect against kernel based attacks (eithe…☆253Feb 19, 2026Updated 2 weeks ago
- shellcode生成框架☆90Jul 11, 2024Updated last year
- cr3 shuffle driver☆79Mar 24, 2024Updated last year
- WinDbg-Samples ExdiGdbSrv fork 修复了一部分Vmware调试的问题☆32Jul 10, 2023Updated 2 years ago
- Minimalistic HTTP(S) client for the NT kernel☆62Dec 1, 2025Updated 3 months ago
- Feature-rich C99 library for memory scanning purposes, designed for Windows running machines, meant to work on both 32-bit and 64-bit por…☆31Feb 7, 2026Updated 3 weeks ago
- 学习windows驱动相关☆23Jul 31, 2019Updated 6 years ago
- A work in progress of constructing a minimal http(s) beacon for Cobalt Strike.☆27Apr 28, 2022Updated 3 years ago
- Patches DSE by swapping both data ptrs located in SeValidateImageHeader && SeValidateImageData☆23Feb 9, 2024Updated 2 years ago
- 编译时混淆字符串,以确保生成的二进制PE不会暴漏明文字符串。(C++ 14 及以上)☆29Sep 30, 2021Updated 4 years ago
- ☆37Nov 8, 2024Updated last year
- A library to assist with memory & code protection.☆66Mar 7, 2024Updated last year
- This is an EfiGuard BootLoader that can boot EfiGuard from Usermode with no USB or Setup as a Single Executable with automatic File Dumpi…☆71Sep 27, 2025Updated 5 months ago
- Mixed Boolean-Arithmetic in Rust for WebAssembly☆30Jun 14, 2025Updated 8 months ago
- Integration of Microsoft Warbird with the MSVC compiler☆132Jul 16, 2023Updated 2 years ago
- ida pro collapse plugin☆30Jul 26, 2023Updated 2 years ago
- 关于intel和amd指令行为不一样这件事☆62Apr 15, 2022Updated 3 years ago
- The Universal C++ RunTime library, supporting kernel-mode C++ exception-handler and STL.☆131Aug 26, 2025Updated 6 months ago
- This tool Decrypt and Extract the files from the EAC☆86Feb 17, 2026Updated 2 weeks ago