xsh3llsh0ck / DeadwingLinks
SMM driver/rootkit for platform memory access with R3 <-> R0 <-> R-2 communication.
☆94Updated 11 months ago
Alternatives and similar repositories for Deadwing
Users that are interested in Deadwing are comparing it to the libraries listed below
Sorting:
- Hooking Windows' exception dispatcher to protect process's PML4☆196Updated 7 months ago
- Tool to dump EFI runtime drivers.☆37Updated last year
- A x86_64 software emulator☆149Updated 3 weeks ago
- Kernel Level NMI Callback Blocker☆119Updated last year
- Demystifying PatchGuard is a comprehensive analysis of Microsoft's security feature called PatchGuard, which is designed to prevent unaut…☆129Updated 2 years ago
- ntoskrnl .data hooks for UM-KM communication☆51Updated last year
- DSE & PG bypass via BYOVD attack☆62Updated 2 months ago
- A Hyper-V Hacking Framework For Windows 10 x64 (AMD & Intel)☆85Updated 2 years ago
- Kernel driver for detecting Intel VT-x hypervisors.☆190Updated 2 years ago
- intel vt-x type 2 hypervisor☆56Updated 5 months ago
- Experiment with PAGE_GUARD protection to hide memory from other processes☆49Updated last year
- nmi stackwalking + module verification☆131Updated last year
- Create stealthy, inline, EPT-like hooks using SMAP and SMEP☆59Updated 11 months ago
- Yet another IDA Pro/Home plugin for deobfuscating stack strings☆72Updated last month
- Using Windows' own bootloader as a shim to bypass Secure Boot☆187Updated last year
- Binary rewriter for 64-bit PE files.☆84Updated last year
- Using MMIO (Memory-Mapped I/O) to read TPM 2.0 public Endorsement Key.☆49Updated last year
- a minimalistic windows hypervisor for amd processors☆125Updated 3 years ago
- Kernel ReClassEx☆64Updated last year
- Detects virtual machines and malware analysis environments☆137Updated 2 years ago
- Crashes ida on static analyses.☆104Updated 4 months ago
- C++ macro for x64 programs that breaks ida hex-rays decompiler tool.☆127Updated last year
- manual map unsigned driver over signed memory☆201Updated last year
- Cheat for my own game SecureGame which uses a bootkit to hyperjack Hyper-V in order to access VBS enclave's memory☆77Updated 9 months ago
- Another UEFI runtime bootkit☆31Updated 2 years ago
- Windows PDB parser for kernel-mode environment.☆98Updated 3 months ago
- An x86-64 code virtualizer for VM based obfuscation☆135Updated 9 months ago
- PoC Anti-Rootkit/Anti-Cheat Driver.☆218Updated 4 months ago
- Makes IDA (most versions) to crash upon opening it.☆101Updated last year
- compile-time control flow obfuscation using mba☆192Updated 2 years ago