xigmapper is a driver manual mapper that loads your driver before Vanguard, but after critical system infrastructure has been set up, allowing you to write your bypass without worrying about the intricacies of EFI or the boot process.
☆294Jan 18, 2024Updated 2 years ago
Alternatives and similar repositories for xigmapper
Users that are interested in xigmapper are comparing it to the libraries listed below
Sorting:
- ☆360May 11, 2025Updated 9 months ago
- Emulate Drivers in RING3 with self context mapping or unicorn☆365Aug 18, 2022Updated 3 years ago
- Efi Driver Access is a simply project to load a driver during system boot with the idea to give the user kernel access for read/write mem…☆473Jan 8, 2023Updated 3 years ago
- bypass to the p2c(s) that I have run over the past few months.☆55Feb 4, 2023Updated 3 years ago
- HyperDeceit is the ultimate all-in-one library that emulates Hyper-V for Windows, giving you the ability to intercept and manipulate oper…☆376Jun 3, 2023Updated 2 years ago
- driver manual mapper powered by https://github.com/estimated1337/lenovo_exec☆115Dec 28, 2022Updated 3 years ago
- usermode driver mapper that forcefully loads any signed kernel driver (legit cert) with a big enough section (example: .data, .rdata) to …☆470Jan 3, 2022Updated 4 years ago
- Kernel driver for detecting Intel VT-x hypervisors.☆197Jul 11, 2023Updated 2 years ago
- A mapper that maps shellcode into loaded large page drivers☆324Apr 26, 2022Updated 3 years ago
- ☆34Apr 11, 2023Updated 2 years ago
- ☆148Jan 24, 2024Updated 2 years ago
- base for testing☆186Sep 28, 2024Updated last year
- ☆73Aug 31, 2022Updated 3 years ago
- PoC EFI runtime driver for memory r/w & kdmapper fork☆569Nov 30, 2024Updated last year
- Abusing nvidia driver (nvoclock.sys) for physical/virtual memory and control register manipulation.☆276Aug 25, 2023Updated 2 years ago
- undetected eac mapper☆170May 3, 2022Updated 3 years ago
- Lightweight Intel VT-x Hypervisor.☆661Dec 17, 2024Updated last year
- Demo proof of concept for shadow regions, and implementation of HyperDeceit.☆314May 31, 2023Updated 2 years ago
- Unknowncheats Magically Optimized Tidy Mapper using nvaudio☆152Jun 11, 2024Updated last year
- Using CVE-2023-21768 to manual map kernel mode driver☆197Mar 10, 2023Updated 2 years ago
- ☆223Mar 11, 2023Updated 2 years ago
- UEFI bootkit for driver manual mapping☆584Jan 1, 2024Updated 2 years ago
- A basic demonstration of directly overwriting paging structures for physical memory r/w and interprocess memory copy☆103Jun 26, 2023Updated 2 years ago
- Manual mapper that uses PTE manipulation, Virtual Address Descriptor (VAD) manipulation, and forceful memory allocation to hide executabl…☆385Jan 29, 2022Updated 4 years ago
- This tool will allow you to spoof the return addresses of your functions as well as system functions.☆550Nov 12, 2022Updated 3 years ago
- ☆27Oct 18, 2023Updated 2 years ago
- Standard Kernel Library for Windows manipulation in C++☆199Jun 18, 2025Updated 8 months ago
- Loads a signed kernel driver which allows you to map any driver to kernel mode without any traces of the signed / mapped driver.☆382Aug 8, 2021Updated 4 years ago
- manual map unsigned driver over signed memory☆219Apr 11, 2024Updated last year
- Easy Anti PatchGuard☆223Apr 9, 2021Updated 4 years ago
- Module extending manual mapper☆380Mar 28, 2020Updated 5 years ago
- POC Hook of nt!HvcallCodeVa☆54May 8, 2023Updated 2 years ago
- Minimalistic AMD-V/SVM hypervisor with memory introspection capabilities☆372Feb 26, 2025Updated last year
- A intel hypervisor, implementing many virtualization techniques☆52Apr 24, 2023Updated 2 years ago
- Stealthy UM <-> KM communication system without creating any system threads, permanent hooks, driver objects, section objects or device o…☆379Mar 15, 2024Updated last year
- 🪝 Various EPT hook detection approaches☆143Updated this week
- just proof of concept. hooking MmCopyMemory PG safe.☆82Nov 13, 2023Updated 2 years ago
- Hide SMBIOS/disk/NIC serials from EFI bootkit☆323May 14, 2021Updated 4 years ago
- Example of reading process memory through kernel special APC☆110Apr 21, 2023Updated 2 years ago