"Bypassing" HVCI via donor PFN swaps to modify read-only code pages. Call chained kernel functions (kCET and SLAT support), and more.
☆126Mar 16, 2026Updated 2 months ago
Alternatives and similar repositories for BusterCall
Users that are interested in BusterCall are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- .data ptr swapper for newer win32k versions. (Supports Windows 11)☆37Jan 19, 2026Updated 4 months ago
- Binary lifter and deobfuscator using remill for x86_64 Windows binaries☆84Apr 20, 2026Updated last month
- reverse engineering of the windows nt kernel debugger protocol & reimplementation.☆38Jul 2, 2024Updated last year
- A minimalistic way to spoof return addresses without using exceptions☆19Jul 26, 2022Updated 3 years ago
- ☆17Dec 18, 2020Updated 5 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Abusing DDMA alongside Copy On Write for Cross Process Code Execution for a 3000$ Bug Bounty☆101Feb 1, 2026Updated 4 months ago
- ☆102Oct 25, 2025Updated 7 months ago
- Windows kernel driver demonstrating kernel-to-usermode communication via shared memory sections☆106Apr 24, 2026Updated last month
- CVE-2022-3699 with arbitrary kernel code execution capability☆71Dec 27, 2022Updated 3 years ago
- mash hypervisor host pml4☆17Jun 22, 2022Updated 3 years ago
- Stealth-focused Intel VT-x hypervisor (EAC/BE/ACs/AVs).☆337Mar 20, 2026Updated 2 months ago
- The materials of the "Hypervisors for Hackers: Security from the Hardware Up" class held at Global Cybersecurity Camp 2026 Vietnam.☆63Mar 4, 2026Updated 3 months ago
- A better way to write shell code☆11May 28, 2021Updated 5 years ago
- Polymorphic PE rewriter for Windows x64 , rewrites binaries into semantically identical but byte-different variants☆181Updated this week
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- Simple anti-instrumentation with EFLAGS.AC☆17Mar 31, 2025Updated last year
- Minimalistic HTTP(S) client for the NT kernel☆61Dec 1, 2025Updated 6 months ago
- Hooking KPRCB IdlePreselect function to gain execution inside PID 0.☆81Apr 13, 2025Updated last year
- A high-fidelity x86_64 polymorphic mutation engine focused on instruction-level fragmentation and context preservation.☆112Jan 18, 2026Updated 4 months ago
- nmi stackwalking + module verification☆170Dec 28, 2023Updated 2 years ago
- ☆54Nov 7, 2024Updated last year
- A basic implementation of Patch Guard that I implemented, that includes integrity checks and other protection mechanisms I added.☆78Mar 29, 2025Updated last year
- SMM driver/rootkit for platform memory access with R3 <-> R0 <-> R-2 communication.☆122Oct 15, 2024Updated last year
- stack based buffer overflow in MsIo64.sys, Proof of Concept Local Privilege Escalation to nt authority/system☆13Jun 7, 2021Updated 5 years ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- ☆292Sep 2, 2025Updated 9 months ago
- REcon 2024 Repo, slides for talk "GOP Complex: Image parsing bugs, EBC polymorphic engines and the Deus ex machina of UEFI exploit dev""☆14Mar 31, 2025Updated last year
- An AI-powered reverse-engineering copilot for assisting tedious malware analysis in IDA Pro.☆62May 6, 2026Updated last month
- tests to catch some sloppy hv impls☆36Mar 16, 2026Updated 2 months ago
- ☆39Jun 10, 2023Updated 2 years ago
- Hooking Windows' exception dispatcher to protect process's PML4☆255Jan 24, 2025Updated last year
- Various reverse engineering work on Windows☆22Feb 21, 2021Updated 5 years ago
- Harness to issue Virtual Secure Mode (VSM) "secure calls" from VTL 0 to VTL 1☆80Sep 8, 2025Updated 9 months ago
- Freeze target threads (external - internal ) by avoiding SuspendThread detections. Or access registers from start address.☆36Mar 23, 2024Updated 2 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Create stealthy, inline, EPT-like hooks using SMAP and SMEP☆64Oct 19, 2024Updated last year
- Loading and executing shellcode in C# without PInvoke.☆22Jan 10, 2022Updated 4 years ago
- Set of PoC to abuse Windows minifilters functionality☆84May 1, 2026Updated last month
- ☆56Mar 26, 2025Updated last year
- Hijacking Hyper-V at Runtime with DDMA☆140Aug 13, 2025Updated 9 months ago
- An IDA Hex-Rays microcode filter that lifts AVX/AVX2/AVX-512/AVX10 and VMX/VT-x instructions to intrinsics.☆79Updated this week
- Load Dll into Kernel space☆39Aug 23, 2022Updated 3 years ago