xsh3llsh0ck/Deadwing external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

xsh3llsh0ck/Deadwing

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/xsh3llsh0ck/Deadwing)

Close

xsh3llsh0ck / DeadwingView on GitHubMore

• External links
• Readme badge

SMM driver/rootkit for platform memory access with R3 <-> R0 <-> R-2 communication.

☆122Oct 15, 2024Updated last year

Alternatives and similar repositories for Deadwing

Users that are interested in Deadwing are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• xsh3llsh0ck / MilkBox

  View on GitHub
  Tool to dump EFI runtime drivers.
  ☆39Feb 23, 2024Updated 2 years ago
• xsh3llsh0ck / PicoHook

  View on GitHub
  Small driver that uses alternative syscalls feature
  ☆18May 9, 2024Updated 2 years ago
• xsh3llsh0ck / ResilienceKit

  View on GitHub
  Another UEFI runtime bootkit
  ☆38May 8, 2023Updated 3 years ago
• emlinhax / tableflipper

  View on GitHub
  partially disable patchguard up to win11 21H2
  ☆21Jun 3, 2024Updated 2 years ago
• tandasat / List-UEFI-Configuration-Tables

  View on GitHub
  List UEFI Configuration Tables
  ☆14May 23, 2024Updated 2 years ago
• Virtual machines for every use case on DigitalOcean • Ad
  Get dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
• SamuelTulach / SecureHack

  View on GitHub
  Cheat for my own game SecureGame which uses a bootkit to hyperjack Hyper-V in order to access VBS enclave's memory
  ☆126Dec 8, 2024Updated last year
• pRain1337 / Hermes

  View on GitHub
  SMM UEFI module and client for UMD privilege escalation
  ☆72May 29, 2025Updated last year
• Oliver-1-1 / SmmInfect

  View on GitHub
  ☆292Sep 2, 2025Updated 9 months ago
• AmitMoshel1 / PatchGuardEncryptorDriver

  View on GitHub
  A basic implementation of Patch Guard that I implemented, that includes integrity checks and other protection mechanisms I added.
  ☆78Mar 29, 2025Updated last year
• 0mWindyBug / GhostMapperUM

  View on GitHub
  manual map unsigned driver over signed memory
  ☆231Apr 11, 2024Updated 2 years ago
• brew02 / BudgetEPT

  View on GitHub
  Create stealthy, inline, EPT-like hooks using SMAP and SMEP
  ☆64Oct 19, 2024Updated last year
• Oliver-1-1 / EtwKeyboardDetection

  View on GitHub
  ☆38Sep 26, 2024Updated last year
• ioncodes / rapid-kdbg-hyperv

  View on GitHub
  ☆14Mar 13, 2023Updated 3 years ago
• can1357 / selene

  View on GitHub
  Kernel-mode Paravirtualization in Ring 2, LLVM based linker, and some other things!
  ☆441Apr 19, 2025Updated last year
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• ekknod / smm

  View on GitHub
  alternative smm driver for ryzen motherboards
  ☆199Oct 12, 2024Updated last year
• senko37 / drvload-bootkit

  View on GitHub
  EFI bootkit for loading unsigned drivers
  ☆41Jun 28, 2024Updated last year
• vmsplit / checkm8

  View on GitHub
  bypassing intel txt's tboot integrity checks via coreboot shim
  ☆83Mar 15, 2025Updated last year
• stuxnet147 / Win-ZeroTimer

  View on GitHub
  simple zero-dependency timer implementation
  ☆12May 24, 2023Updated 3 years ago
• Oliver-1-1 / DumpDriver

  View on GitHub
  ☆48Jul 7, 2024Updated last year
• DErDYAST1R / NmiCallbackBlocker

  View on GitHub
  Kernel Level NMI Callback Blocker
  ☆183Apr 23, 2026Updated last month
• SamuelTulach / memhv

  View on GitHub
  Minimalistic AMD-V/SVM hypervisor with memory introspection capabilities
  ☆417Feb 26, 2025Updated last year
• un4ckn0wl3z / PCIE-Detector

  View on GitHub
  Sample/PoC Windows kernel driver for detect DMA devices by using Vendor ID and Device ID signatures
  ☆38Sep 22, 2024Updated last year
• donnaskiez / nmi

  View on GitHub
  nmi stackwalking + module verification
  ☆170Dec 28, 2023Updated 2 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• vasie1337 / shared-section-driver

  View on GitHub
  Windows kernel driver demonstrating kernel-to-usermode communication via shared memory sections
  ☆107Apr 24, 2026Updated last month
• ByteWhite1x1 / Driver-DKOM

  View on GitHub
  An advanced DKOM for drivers with "DRIVER_OBJECT"
  ☆23Feb 19, 2023Updated 3 years ago
• HyperDbg / RedDbg

  View on GitHub
  Hypervisor-based debugger for AMD processors
  ☆67May 13, 2024Updated 2 years ago
• vmi-rs / vmi

  View on GitHub
  Modular and extensible library for Virtual Machine Introspection
  ☆146Jun 11, 2026Updated last week
• intel / unicorn-for-efi

  View on GitHub
  Unicorn Engine port for UEFI firmware
  ☆53Mar 25, 2025Updated last year
• Cr4sh / SmmBackdoorNg

  View on GitHub
  Updated version of System Management Mode backdoor for UEFI based platforms: old dog, new tricks
  ☆370Nov 3, 2023Updated 2 years ago
• zhuhuibeishadiao / WskHttp

  View on GitHub
  Windows kernel drivers simple HTTP library for modern C++
  ☆40Jul 12, 2018Updated 7 years ago
• colby57 / VMP-Imports-Deobfuscator

  View on GitHub
  VMProtect 2.x-3.x x64 Import Deobfuscator
  ☆485Oct 22, 2025Updated 7 months ago
• Air14 / SmmLoader

  View on GitHub
  Runtime smm module loader
  ☆39Jan 12, 2023Updated 3 years ago
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• Xyrem / Yumekage

  View on GitHub
  Demo proof of concept for shadow regions, and implementation of HyperDeceit.
  ☆320May 31, 2023Updated 3 years ago
• connorjaydunn / BinaryShield

  View on GitHub
  An x86-64 Code Virtualizer
  ☆320Sep 26, 2024Updated last year
• notcpuid / EasyHook

  View on GitHub
  simple trampoline hooking PoC
  ☆15Nov 8, 2023Updated 2 years ago
• xsh3llsh0ck / Calamity

  View on GitHub
  Example of using Windows Platform Binary Table (WPBT)
  ☆28Jul 9, 2023Updated 2 years ago
• MmMapIoSpace / UCMapper

  View on GitHub
  Unknowncheats Magically Optimized Tidy Mapper using nvaudio
  ☆158Jun 11, 2024Updated 2 years ago
• NullTerminatorr / NullHook

  View on GitHub
  Kernel driver that .text hooks a syscall in dxgkrnl.sys which can be called from our user-mode client to send instructions like rpm/wpm a…
  ☆223Dec 16, 2022Updated 3 years ago
• tandasat / Hello-VT-rp

  View on GitHub
  A simple hypervisor demonstrating the use of the Intel VT-rp (redirect protection) technology.
  ☆115Mar 28, 2024Updated 2 years ago