xsh3llsh0ck/Deadwing external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

xsh3llsh0ck/Deadwing

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/xsh3llsh0ck/Deadwing)

Close

xsh3llsh0ck / DeadwingView on GitHubMore

• External links
• Readme badge

SMM driver/rootkit for platform memory access with R3 <-> R0 <-> R-2 communication.

☆118Oct 15, 2024Updated last year

Alternatives and similar repositories for Deadwing

Users that are interested in Deadwing are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• xsh3llsh0ck / MilkBox

  View on GitHub
  Tool to dump EFI runtime drivers.
  ☆39Feb 23, 2024Updated 2 years ago
• xsh3llsh0ck / PicoHook

  View on GitHub
  Small driver that uses alternative syscalls feature
  ☆18May 9, 2024Updated 2 years ago
• xsh3llsh0ck / ResilienceKit

  View on GitHub
  Another UEFI runtime bootkit
  ☆37May 8, 2023Updated 3 years ago
• emlinhax / tableflipper

  View on GitHub
  partially disable patchguard up to win11 21H2
  ☆20Jun 3, 2024Updated last year
• tandasat / List-UEFI-Configuration-Tables

  View on GitHub
  List UEFI Configuration Tables
  ☆14May 23, 2024Updated last year
• Virtual machines for every use case on DigitalOcean • Ad
  Get dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
• SamuelTulach / SecureHack

  View on GitHub
  Cheat for my own game SecureGame which uses a bootkit to hyperjack Hyper-V in order to access VBS enclave's memory
  ☆125Dec 8, 2024Updated last year
• pRain1337 / Hermes

  View on GitHub
  SMM UEFI module and client for UMD privilege escalation
  ☆68May 29, 2025Updated 11 months ago
• Oliver-1-1 / SmmInfect

  View on GitHub
  ☆281Sep 2, 2025Updated 8 months ago
• AmitMoshel1 / PatchGuardEncryptorDriver

  View on GitHub
  A basic implementation of Patch Guard that I implemented, that includes integrity checks and other protection mechanisms I added.
  ☆78Mar 29, 2025Updated last year
• 0mWindyBug / GhostMapperUM

  View on GitHub
  manual map unsigned driver over signed memory
  ☆225Apr 11, 2024Updated 2 years ago
• brew02 / BudgetEPT

  View on GitHub
  Create stealthy, inline, EPT-like hooks using SMAP and SMEP
  ☆63Oct 19, 2024Updated last year
• Oliver-1-1 / EtwKeyboardDetection

  View on GitHub
  ☆37Sep 26, 2024Updated last year
• ioncodes / rapid-kdbg-hyperv

  View on GitHub
  ☆15Mar 13, 2023Updated 3 years ago
• ekknod / smm

  View on GitHub
  alternative smm driver for ryzen motherboards
  ☆194Oct 12, 2024Updated last year
• Virtual machines for every use case on DigitalOcean • Ad
  Get dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
• can1357 / selene

  View on GitHub
  Kernel-mode Paravirtualization in Ring 2, LLVM based linker, and some other things!
  ☆431Apr 19, 2025Updated last year
• senko37 / drvload-bootkit

  View on GitHub
  EFI bootkit for loading unsigned drivers
  ☆41Jun 28, 2024Updated last year
• vmsplit / checkm8

  View on GitHub
  bypassing intel txt's tboot integrity checks via coreboot shim
  ☆83Mar 15, 2025Updated last year
• stuxnet147 / Win-ZeroTimer

  View on GitHub
  simple zero-dependency timer implementation
  ☆12May 24, 2023Updated 2 years ago
• Oliver-1-1 / DumpDriver

  View on GitHub
  ☆48Jul 7, 2024Updated last year
• DErDYAST1R / NmiCallbackBlocker

  View on GitHub
  Kernel Level NMI Callback Blocker
  ☆174Apr 23, 2026Updated 2 weeks ago
• SamuelTulach / memhv

  View on GitHub
  Minimalistic AMD-V/SVM hypervisor with memory introspection capabilities
  ☆401Feb 26, 2025Updated last year
• un4ckn0wl3z / PCIE-Detector

  View on GitHub
  Sample/PoC Windows kernel driver for detect DMA devices by using Vendor ID and Device ID signatures
  ☆39Sep 22, 2024Updated last year
• vasie1337 / shared-section-driver

  View on GitHub
  Windows kernel driver demonstrating kernel-to-usermode communication via shared memory sections
  ☆103Apr 24, 2026Updated 2 weeks ago
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• donnaskiez / nmi

  View on GitHub
  nmi stackwalking + module verification
  ☆166Dec 28, 2023Updated 2 years ago
• ByteWhite1x1 / Driver-DKOM

  View on GitHub
  An advanced DKOM for drivers with "DRIVER_OBJECT"
  ☆23Feb 19, 2023Updated 3 years ago
• HyperDbg / RedDbg

  View on GitHub
  Hypervisor-based debugger for AMD processors
  ☆66May 13, 2024Updated last year
• vmi-rs / vmi

  View on GitHub
  Modular and extensible library for Virtual Machine Introspection
  ☆136Updated this week
• intel / unicorn-for-efi

  View on GitHub
  Unicorn Engine port for UEFI firmware
  ☆52Mar 25, 2025Updated last year
• Cr4sh / SmmBackdoorNg

  View on GitHub
  Updated version of System Management Mode backdoor for UEFI based platforms: old dog, new tricks
  ☆364Nov 3, 2023Updated 2 years ago
• zhuhuibeishadiao / WskHttp

  View on GitHub
  Windows kernel drivers simple HTTP library for modern C++
  ☆40Jul 12, 2018Updated 7 years ago
• Xyrem / Yumekage

  View on GitHub
  Demo proof of concept for shadow regions, and implementation of HyperDeceit.
  ☆318May 31, 2023Updated 2 years ago
• colby57 / VMP-Imports-Deobfuscator

  View on GitHub
  VMProtect 2.x-3.x x64 Import Deobfuscator
  ☆454Oct 22, 2025Updated 6 months ago
• Open source password manager - Proton Pass • Ad
  Securely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
• Air14 / SmmLoader

  View on GitHub
  Runtime smm module loader
  ☆39Jan 12, 2023Updated 3 years ago
• connorjaydunn / BinaryShield

  View on GitHub
  An x86-64 Code Virtualizer
  ☆315Sep 26, 2024Updated last year
• notcpuid / EasyHook

  View on GitHub
  simple trampoline hooking PoC
  ☆15Nov 8, 2023Updated 2 years ago
• xsh3llsh0ck / Calamity

  View on GitHub
  Example of using Windows Platform Binary Table (WPBT)
  ☆28Jul 9, 2023Updated 2 years ago
• NullTerminatorr / NullHook

  View on GitHub
  Kernel driver that .text hooks a syscall in dxgkrnl.sys which can be called from our user-mode client to send instructions like rpm/wpm a…
  ☆217Dec 16, 2022Updated 3 years ago
• tandasat / Hello-VT-rp

  View on GitHub
  A simple hypervisor demonstrating the use of the Intel VT-rp (redirect protection) technology.
  ☆113Mar 28, 2024Updated 2 years ago
• MmMapIoSpace / UCMapper

  View on GitHub
  Unknowncheats Magically Optimized Tidy Mapper using nvaudio
  ☆154Jun 11, 2024Updated last year