xsh3llsh0ck / ResilienceKitLinks
Another UEFI runtime bootkit
☆30Updated 2 years ago
Alternatives and similar repositories for ResilienceKit
Users that are interested in ResilienceKit are comparing it to the libraries listed below
Sorting:
- Tool to dump EFI runtime drivers.☆35Updated last year
- UEFI bootkit: Hardware Implant. In-Progress☆15Updated 3 years ago
- windows rootkit☆60Updated last year
- EFI bootkit for loading unsigned drivers☆19Updated 11 months ago
- Create stealthy, inline, EPT-like hooks using SMAP and SMEP☆37Updated 7 months ago
- ZeroImport is a lightweight and easy to use C++ library for Windows Kernel Drivers. It allows you to hide any import in your kernel drive…☆47Updated 2 years ago
- Demystifying PatchGuard is a comprehensive analysis of Microsoft's security feature called PatchGuard, which is designed to prevent unaut…☆121Updated 2 years ago
- Provides commands to read from and write to arbitrary kernel-mode memory for users with the Administrator privilege. HVCI compatible. No …☆18Updated 11 months ago
- Compact MBR Bootkit for Windows☆53Updated 3 years ago
- Helper script for Windows kernel debugging with IDA Pro on VMware + GDB stub (including PDB symbols)☆65Updated last year
- An extended proof-of-concept for the CVE-2021-21551 Dell ‘dbutil_2_3.sys’ Kernel Exploit☆24Updated 3 years ago
- Binary rewriter for 64-bit PE files.☆76Updated last year
- intel vt-x type 2 hypervisor☆55Updated last month
- SMM driver/rootkit for platform memory access with R3 <-> R0 <-> R-2 communication.☆86Updated 7 months ago
- POC Hook of nt!HvcallCodeVa☆52Updated 2 years ago
- ☆30Updated 8 months ago
- Demonstrate calling a kernel function and handle process creation callback against HVCI☆55Updated 2 years ago
- detect hypervisor with Nmi Callback☆34Updated 2 years ago
- Windows PDB parser for kernel-mode environment.☆97Updated 2 years ago
- Kernel ReClassEx☆62Updated last year
- vdk is a set of utilities used to help with exploitation of a vulnerable driver.☆40Updated 3 years ago
- Compileable POC of namazso's x64 return address spoofer.☆52Updated 4 years ago
- Win64 UEFI Driver-based tool for unrestricted memory R/W☆27Updated 3 years ago
- PAGE_GUARD based hooking library☆46Updated 2 years ago
- A x86 environment emulator for Windows user and kernel binaries.☆58Updated this week
- Small driver that uses alternative syscalls feature (the project is still under development).☆15Updated last year
- Example of using Windows Platform Binary Table (WPBT)☆20Updated last year
- A poc that abuses Enclave☆38Updated 2 years ago
- A simple direct syscall wrapper written in C++ with compatibility for x86 and x64 programs.☆50Updated 3 months ago
- Load dll with undocumented functions and debug symbols☆47Updated 10 months ago