xsh3llsh0ck / DeadwingLinks
SMM driver/rootkit for platform memory access with R3 <-> R0 <-> R-2 communication.
☆86Updated 7 months ago
Alternatives and similar repositories for Deadwing
Users that are interested in Deadwing are comparing it to the libraries listed below
Sorting:
- Tool to dump EFI runtime drivers.☆35Updated last year
- Kernel driver for detecting Intel VT-x hypervisors.☆184Updated last year
- Hooking Windows' exception dispatcher to protect process's PML4☆174Updated 4 months ago
- Demystifying PatchGuard is a comprehensive analysis of Microsoft's security feature called PatchGuard, which is designed to prevent unaut…☆121Updated 2 years ago
- DSE & PG bypass via BYOVD attack☆51Updated last year
- Kernel Level NMI Callback Blocker☆90Updated 9 months ago
- A Hyper-V Hacking Framework For Windows 10 x64 (AMD & Intel)☆64Updated last year
- manual map unsigned driver over signed memory☆187Updated last year
- Another UEFI runtime bootkit☆30Updated 2 years ago
- Collection of hypervisor detections☆236Updated 8 months ago
- Using Windows' own bootloader as a shim to bypass Secure Boot☆170Updated 10 months ago
- Achieve arbitrary kernel read/writes/function calling in Hypervisor-Protected Code Integrity (HVCI) protected environments calling withou…☆203Updated 7 months ago
- Experiment with PAGE_GUARD protection to hide memory from other processes☆44Updated 11 months ago
- Load dll with undocumented functions and debug symbols☆47Updated 10 months ago
- nmi stackwalking + module verification☆119Updated last year
- ntoskrnl .data hooks for UM-KM communication☆40Updated last year
- C++ macro for x64 programs that breaks ida hex-rays decompiler tool.☆116Updated last year
- Unknowncheats Magically Optimized Tidy Mapper using nvaudio☆124Updated 11 months ago
- Crashes ida on static analyses.☆106Updated last month
- Detects virtual machines and malware analysis environments☆128Updated 2 years ago
- A x86 environment emulator for Windows user and kernel binaries.☆58Updated this week
- Binary rewriter for 64-bit PE files.☆76Updated last year
- Windows PDB parser for kernel-mode environment.☆97Updated 2 years ago
- 🪝 Different aproaches to detecting EPT hooks☆109Updated 3 years ago
- Kernel ReClassEx☆62Updated last year
- An x86-64 code virtualizer for VM based obfuscation☆120Updated 5 months ago
- Using MMIO (Memory-Mapped I/O) to read TPM 2.0 public Endorsement Key.☆40Updated last year
- Shows an example of how to implement VT-d/AMD-Vi on Windows☆116Updated last year
- ☆206Updated this week
- Cheat for my own game SecureGame which uses a bootkit to hyperjack Hyper-V in order to access VBS enclave's memory☆57Updated 5 months ago