xsh3llsh0ck / DeadwingView external linksLinks
SMM driver/rootkit for platform memory access with R3 <-> R0 <-> R-2 communication.
☆118Oct 15, 2024Updated last year
Alternatives and similar repositories for Deadwing
Users that are interested in Deadwing are comparing it to the libraries listed below
Sorting:
- Tool to dump EFI runtime drivers.☆39Feb 23, 2024Updated last year
- Another UEFI runtime bootkit☆36May 8, 2023Updated 2 years ago
- Cheat for my own game SecureGame which uses a bootkit to hyperjack Hyper-V in order to access VBS enclave's memory☆103Dec 8, 2024Updated last year
- Small driver that uses alternative syscalls feature (the project is still under development).☆18May 9, 2024Updated last year
- SMM UEFI module and client for UMD privilege escalation☆65May 29, 2025Updated 8 months ago
- partially disable patchguard up to win11 21H2☆19Jun 3, 2024Updated last year
- ☆264Sep 2, 2025Updated 5 months ago
- ☆15Mar 13, 2023Updated 2 years ago
- manual map unsigned driver over signed memory☆215Apr 11, 2024Updated last year
- A basic implementation of Patch Guard that I implemented, that includes integrity checks and other protection mechanisms I added.☆78Mar 29, 2025Updated 10 months ago
- Kernel Level NMI Callback Blocker☆160Sep 27, 2025Updated 4 months ago
- EFI bootkit for loading unsigned drivers☆35Jun 28, 2024Updated last year
- Sample/PoC Windows kernel driver for detect DMA devices by using Vendor ID and Device ID signatures☆38Sep 22, 2024Updated last year
- Create stealthy, inline, EPT-like hooks using SMAP and SMEP☆60Oct 19, 2024Updated last year
- Kernel-mode Paravirtualization in Ring 2, LLVM based linker, and some other things!☆408Apr 19, 2025Updated 9 months ago
- simple zero-dependency timer implementation☆12May 24, 2023Updated 2 years ago
- bypassing intel txt's tboot integrity checks via coreboot shim☆82Mar 15, 2025Updated 11 months ago
- Minimalistic AMD-V/SVM hypervisor with memory introspection capabilities☆364Feb 26, 2025Updated 11 months ago
- Example of reading process memory through kernel special APC☆110Apr 21, 2023Updated 2 years ago
- This master thesis project continuously collects and analyses Microsoft Windows kernel drivers using static and dynamic methods to help s…☆21Nov 4, 2024Updated last year
- Runtime smm module loader☆35Jan 12, 2023Updated 3 years ago
- Hypervisor-based debugger for AMD processors☆63May 13, 2024Updated last year
- alternative smm driver for ryzen motherboards☆188Oct 12, 2024Updated last year
- An advanced DKOM for drivers with "DRIVER_OBJECT"☆22Feb 19, 2023Updated 2 years ago
- SMM rootkit similar to LoJax or MosaicRegressor☆145Nov 1, 2023Updated 2 years ago
- Unknowncheats Magically Optimized Tidy Mapper using nvaudio☆150Jun 11, 2024Updated last year
- Windows kernel drivers simple HTTP library for modern C++☆40Jul 12, 2018Updated 7 years ago
- Kernel driver that .text hooks a syscall in dxgkrnl.sys which can be called from our user-mode client to send instructions like rpm/wpm a…☆204Dec 16, 2022Updated 3 years ago
- Example of using Windows Platform Binary Table (WPBT)☆27Jul 9, 2023Updated 2 years ago
- A simple hypervisor demonstrating the use of the Intel VT-rp (redirect protection) technology.☆112Mar 28, 2024Updated last year
- ☆39Mar 23, 2023Updated 2 years ago
- ☆37Sep 26, 2024Updated last year
- Windows PDB parser for kernel-mode environment.☆104Jun 7, 2025Updated 8 months ago
- ☆47Jul 7, 2024Updated last year
- The sequel to Voyager☆93Aug 21, 2024Updated last year
- Loads a signed kernel driver which allows you to map any driver to kernel mode without any traces of the signed / mapped driver.☆377Aug 8, 2021Updated 4 years ago
- nmi stackwalking + module verification☆157Dec 28, 2023Updated 2 years ago
- Hooking Windows' exception dispatcher to protect process's PML4☆225Jan 24, 2025Updated last year
- x64 Windows kernel driver mapper, inject unsigned driver using anycall☆199Feb 14, 2024Updated 2 years ago