xsh3llsh0ck / ResilienceKitLinks
Another UEFI runtime bootkit
☆29Updated 2 years ago
Alternatives and similar repositories for ResilienceKit
Users that are interested in ResilienceKit are comparing it to the libraries listed below
Sorting:
- Create stealthy, inline, EPT-like hooks using SMAP and SMEP☆55Updated 8 months ago
- Tool to dump EFI runtime drivers.☆36Updated last year
- Compact MBR Bootkit for Windows☆52Updated 3 years ago
- Me fockin' pe protector☆45Updated 2 years ago
- Example of using Windows Platform Binary Table (WPBT)☆22Updated last year
- EFI bootkit for loading unsigned drivers☆18Updated 11 months ago
- POC Hook of nt!HvcallCodeVa☆52Updated 2 years ago
- An extended proof-of-concept for the CVE-2021-21551 Dell ‘dbutil_2_3.sys’ Kernel Exploit☆24Updated 3 years ago
- UEFI bootkit: Hardware Implant. In-Progress☆16Updated 3 years ago
- Provides commands to read from and write to arbitrary kernel-mode memory for users with the Administrator privilege. HVCI compatible. No …☆20Updated last year
- intel vt-x type 2 hypervisor☆56Updated 2 months ago
- ZeroImport is a lightweight and easy to use C++ library for Windows Kernel Drivers. It allows you to hide any import in your kernel drive…☆47Updated 2 years ago
- Helper script for Windows kernel debugging with IDA Pro on VMware + GDB stub (including PDB symbols)☆66Updated last year
- Win64 UEFI Driver-based tool for unrestricted memory R/W☆27Updated 3 years ago
- Binary rewriter for 64-bit PE files.☆78Updated last year
- Demonstrate calling a kernel function and handle process creation callback against HVCI☆55Updated 2 years ago
- C/C++ antidebugging library for Windows☆22Updated 5 months ago
- ☆30Updated 9 months ago
- windows rootkit☆60Updated last year
- A poc that abuses Enclave☆38Updated 2 years ago
- vdk is a set of utilities used to help with exploitation of a vulnerable driver.☆40Updated 3 years ago
- Small driver that uses alternative syscalls feature (the project is still under development).☆17Updated last year
- Windows PDB parser for kernel-mode environment.☆97Updated 2 weeks ago
- SMM driver/rootkit for platform memory access with R3 <-> R0 <-> R-2 communication.☆88Updated 8 months ago
- Demystifying PatchGuard is a comprehensive analysis of Microsoft's security feature called PatchGuard, which is designed to prevent unaut…☆122Updated 2 years ago
- reverse engineering of the windows nt kernel debugger protocol & reimplementation.☆25Updated 11 months ago
- ntoskrnl .data hooks for UM-KM communication☆40Updated last year
- Hijack NotifyRoutine for a kernelmode thread☆42Updated 3 years ago
- Experiment with PAGE_GUARD protection to hide memory from other processes☆46Updated last year
- This is a POC Test project for INTEL CPUs on blocking NMI Entries through the IDT Handler.☆54Updated 8 months ago