SMM driver/rootkit for platform memory access with R3 <-> R0 <-> R-2 communication.
☆119Oct 15, 2024Updated last year
Alternatives and similar repositories for Deadwing
Users that are interested in Deadwing are comparing it to the libraries listed below
Sorting:
- Tool to dump EFI runtime drivers.☆39Feb 23, 2024Updated 2 years ago
- Another UEFI runtime bootkit☆37May 8, 2023Updated 2 years ago
- Small driver that uses alternative syscalls feature☆18May 9, 2024Updated last year
- Cheat for my own game SecureGame which uses a bootkit to hyperjack Hyper-V in order to access VBS enclave's memory☆113Dec 8, 2024Updated last year
- SMM UEFI module and client for UMD privilege escalation☆66May 29, 2025Updated 9 months ago
- partially disable patchguard up to win11 21H2☆19Jun 3, 2024Updated last year
- ☆275Sep 2, 2025Updated 6 months ago
- ☆15Mar 13, 2023Updated 2 years ago
- manual map unsigned driver over signed memory☆222Apr 11, 2024Updated last year
- A basic implementation of Patch Guard that I implemented, that includes integrity checks and other protection mechanisms I added.☆78Mar 29, 2025Updated 11 months ago
- Kernel Level NMI Callback Blocker☆164Sep 27, 2025Updated 5 months ago
- Sample/PoC Windows kernel driver for detect DMA devices by using Vendor ID and Device ID signatures☆38Sep 22, 2024Updated last year
- Create stealthy, inline, EPT-like hooks using SMAP and SMEP☆61Oct 19, 2024Updated last year
- simple zero-dependency timer implementation☆12May 24, 2023Updated 2 years ago
- Kernel-mode Paravirtualization in Ring 2, LLVM based linker, and some other things!☆408Apr 19, 2025Updated 10 months ago
- EFI bootkit for loading unsigned drivers☆39Jun 28, 2024Updated last year
- bypassing intel txt's tboot integrity checks via coreboot shim☆83Mar 15, 2025Updated 11 months ago
- Minimalistic AMD-V/SVM hypervisor with memory introspection capabilities☆376Feb 26, 2025Updated last year
- This master thesis project continuously collects and analyses Microsoft Windows kernel drivers using static and dynamic methods to help s…☆21Nov 4, 2024Updated last year
- Example of reading process memory through kernel special APC☆111Apr 21, 2023Updated 2 years ago
- Runtime smm module loader☆37Jan 12, 2023Updated 3 years ago
- Hypervisor-based debugger for AMD processors☆63May 13, 2024Updated last year
- alternative smm driver for ryzen motherboards☆189Oct 12, 2024Updated last year
- An advanced DKOM for drivers with "DRIVER_OBJECT"☆22Feb 19, 2023Updated 3 years ago
- SMM rootkit similar to LoJax or MosaicRegressor☆146Nov 1, 2023Updated 2 years ago
- Unknowncheats Magically Optimized Tidy Mapper using nvaudio☆153Jun 11, 2024Updated last year
- Windows kernel drivers simple HTTP library for modern C++☆40Jul 12, 2018Updated 7 years ago
- Kernel driver that .text hooks a syscall in dxgkrnl.sys which can be called from our user-mode client to send instructions like rpm/wpm a…☆211Dec 16, 2022Updated 3 years ago
- Example of using Windows Platform Binary Table (WPBT)☆27Jul 9, 2023Updated 2 years ago
- A simple hypervisor demonstrating the use of the Intel VT-rp (redirect protection) technology.☆114Mar 28, 2024Updated last year
- ☆41Mar 23, 2023Updated 2 years ago
- ☆37Sep 26, 2024Updated last year
- ☆47Jul 7, 2024Updated last year
- Windows PDB parser for kernel-mode environment.☆110Jun 7, 2025Updated 9 months ago
- The sequel to Voyager☆97Aug 21, 2024Updated last year
- Loads a signed kernel driver which allows you to map any driver to kernel mode without any traces of the signed / mapped driver.☆385Aug 8, 2021Updated 4 years ago
- nmi stackwalking + module verification☆163Dec 28, 2023Updated 2 years ago
- x64 Windows kernel driver mapper, inject unsigned driver using anycall☆203Feb 14, 2024Updated 2 years ago
- Hooking Windows' exception dispatcher to protect process's PML4☆227Jan 24, 2025Updated last year