xsh3llsh0ck / DeadwingLinks
SMM driver/rootkit for platform memory access with R3 <-> R0 <-> R-2 communication.
☆93Updated 10 months ago
Alternatives and similar repositories for Deadwing
Users that are interested in Deadwing are comparing it to the libraries listed below
Sorting:
- Demystifying PatchGuard is a comprehensive analysis of Microsoft's security feature called PatchGuard, which is designed to prevent unaut…☆130Updated 2 years ago
- A x86_64 software emulator☆148Updated last week
- Hooking Windows' exception dispatcher to protect process's PML4☆191Updated 7 months ago
- Tool to dump EFI runtime drivers.☆36Updated last year
- Create stealthy, inline, EPT-like hooks using SMAP and SMEP☆57Updated 10 months ago
- DSE & PG bypass via BYOVD attack☆59Updated last month
- Kernel Level NMI Callback Blocker☆117Updated last year
- A Hyper-V Hacking Framework For Windows 10 x64 (AMD & Intel)☆82Updated last year
- Using MMIO (Memory-Mapped I/O) to read TPM 2.0 public Endorsement Key.☆49Updated last year
- Kernel driver for detecting Intel VT-x hypervisors.☆189Updated 2 years ago
- Binary rewriter for 64-bit PE files.☆85Updated last year
- ntoskrnl .data hooks for UM-KM communication☆51Updated last year
- Experiment with PAGE_GUARD protection to hide memory from other processes☆48Updated last year
- Detects virtual machines and malware analysis environments☆137Updated 2 years ago
- Another UEFI runtime bootkit☆30Updated 2 years ago
- Using Windows' own bootloader as a shim to bypass Secure Boot☆183Updated last year
- Yet another IDA Pro/Home plugin for deobfuscating stack strings☆67Updated 3 weeks ago
- a minimalistic windows hypervisor for amd processors☆124Updated 3 years ago
- nmi stackwalking + module verification☆131Updated last year
- Kernel ReClassEx☆64Updated last year
- intel vt-x type 2 hypervisor☆56Updated 4 months ago
- Makes IDA (most versions) to crash upon opening it.☆99Updated last year
- C++ macro for x64 programs that breaks ida hex-rays decompiler tool.☆128Updated last year
- Cheat for my own game SecureGame which uses a bootkit to hyperjack Hyper-V in order to access VBS enclave's memory☆76Updated 8 months ago
- 🪝 Various EPT hook detection approaches☆123Updated last month
- Crashes ida on static analyses.☆105Updated 4 months ago
- Achieve arbitrary kernel read/writes/function calling in Hypervisor-Protected Code Integrity (HVCI) protected environments calling withou…☆226Updated 10 months ago
- Simple, fast and lightweight Header-Only C++ Assembler Library☆114Updated 2 weeks ago
- Windows PDB parser for kernel-mode environment.☆102Updated 2 months ago
- EFI bootkit for loading unsigned drivers☆20Updated last year