xtremegamer1 / Illicit-memory-allocation
This driver hooks a device object for ioctl and uses mdls to allocate physical pages and manually injects an entry into a process's page table.
☆12Updated last year
Alternatives and similar repositories for Illicit-memory-allocation:
Users that are interested in Illicit-memory-allocation are comparing it to the libraries listed below
- detect hypervisor with Nmi Callback☆34Updated 2 years ago
- POC Hook of nt!HvcallCodeVa☆50Updated last year
- ☆32Updated last year
- Old way for blocking NMI interrupts☆25Updated 2 years ago
- Achieving code execution through abusing vectored exception handling☆17Updated last year
- A poc that abuses Enclave☆36Updated 2 years ago
- A method to Disable DSE using .data ptr hooks☆29Updated 11 months ago
- Hijack NotifyRoutine for a kernelmode thread☆41Updated 2 years ago
- Illustrates the concept of return address spoofing, and how it is used.☆13Updated 4 years ago
- Patches DSE by swapping both data ptrs located in SeValidateImageHeader && SeValidateImageData☆21Updated 11 months ago
- clearing traces of a loaded driver☆46Updated 2 years ago
- ☆27Updated 3 months ago
- 将驱动映射到会话空间☆34Updated 2 years ago
- partially disable patchguard up to win11 21H2☆18Updated 7 months ago
- windows kernel pagehook☆39Updated 2 years ago
- ☆23Updated last year
- ☆71Updated 2 years ago
- POC kernel driver with hidden system thread☆13Updated 8 months ago
- UM-KM Communication using registry callbacks☆39Updated 4 years ago
- A simple present scene, kernel allocation injector.☆24Updated 2 years ago
- Only for Stress-Testing☆23Updated 2 years ago
- Hiding a system thread against conventional means of detection☆36Updated 4 years ago
- Bypassing kernel patch protection runtime☆19Updated last year
- hooks gServerHandlers xxxEventWndProc☆12Updated 2 years ago
- Register a callback from a Manually mapped kernel module☆14Updated 2 years ago
- Not mine. Only for saving☆21Updated 2 years ago