"Bypassing" HVCI via donor PFN swaps to modify read-only code pages. Call chained kernel functions (kCET and SLAT support), and more.
☆118Mar 16, 2026Updated last month
Alternatives and similar repositories for BusterCall
Users that are interested in BusterCall are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- .data ptr swapper for newer win32k versions. (Supports Windows 11)☆37Jan 19, 2026Updated 3 months ago
- Binary lifter and deobfuscator using remill for x86_64 Windows binaries☆83Apr 20, 2026Updated last week
- reverse engineering of the windows nt kernel debugger protocol & reimplementation.☆38Jul 2, 2024Updated last year
- A minimalistic way to spoof return addresses without using exceptions☆19Jul 26, 2022Updated 3 years ago
- ☆17Dec 18, 2020Updated 5 years ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- Resolve offsets, gadgets and symbols from NTKernel☆61Jan 15, 2026Updated 3 months ago
- The materials of the "Hypervisors for Hackers: Security from the Hardware Up" class held at Global Cybersecurity Camp 2026 Vietnam.☆58Mar 4, 2026Updated last month
- Abusing DDMA alongside Copy On Write for Cross Process Code Execution for a 3000$ Bug Bounty☆100Feb 1, 2026Updated 2 months ago
- ☆99Oct 25, 2025Updated 6 months ago
- Stealth-focused Intel VT-x hypervisor (EAC/BE/ACs/AVs).☆293Mar 20, 2026Updated last month
- Windows kernel driver demonstrating kernel-to-usermode communication via shared memory sections☆101Updated this week
- CVE-2022-3699 with arbitrary kernel code execution capability☆71Dec 27, 2022Updated 3 years ago
- mash hypervisor host pml4☆17Jun 22, 2022Updated 3 years ago
- ☆52Nov 7, 2024Updated last year
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- A better way to write shell code☆11May 28, 2021Updated 4 years ago
- A high-fidelity x86_64 polymorphic mutation engine focused on instruction-level fragmentation and context preservation.☆110Jan 18, 2026Updated 3 months ago
- An AI-powered reverse-engineering copilot for assisting tedious malware analysis in IDA Pro.☆53Apr 15, 2026Updated 2 weeks ago
- Hooking KPRCB IdlePreselect function to gain execution inside PID 0.☆74Apr 13, 2025Updated last year
- Simple anti-instrumentation with EFLAGS.AC☆17Mar 31, 2025Updated last year
- Minimalistic HTTP(S) client for the NT kernel☆61Dec 1, 2025Updated 4 months ago
- nmi stackwalking + module verification☆165Dec 28, 2023Updated 2 years ago
- A basic implementation of Patch Guard that I implemented, that includes integrity checks and other protection mechanisms I added.☆78Mar 29, 2025Updated last year
- SMM driver/rootkit for platform memory access with R3 <-> R0 <-> R-2 communication.☆118Oct 15, 2024Updated last year
- Bare Metal GPUs on DigitalOcean Gradient AI • AdPurpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
- ☆279Sep 2, 2025Updated 7 months ago
- stack based buffer overflow in MsIo64.sys, Proof of Concept Local Privilege Escalation to nt authority/system☆13Jun 7, 2021Updated 4 years ago
- REcon 2024 Repo, slides for talk "GOP Complex: Image parsing bugs, EBC polymorphic engines and the Deus ex machina of UEFI exploit dev""☆14Mar 31, 2025Updated last year
- tests to catch some sloppy hv impls☆36Mar 16, 2026Updated last month
- ☆40Jun 10, 2023Updated 2 years ago
- Hooking Windows' exception dispatcher to protect process's PML4☆240Jan 24, 2025Updated last year
- Various reverse engineering work on Windows☆22Feb 21, 2021Updated 5 years ago
- Freeze target threads (external - internal ) by avoiding SuspendThread detections. Or access registers from start address.☆35Mar 23, 2024Updated 2 years ago
- Harness to issue Virtual Secure Mode (VSM) "secure calls" from VTL 0 to VTL 1☆79Sep 8, 2025Updated 7 months ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Create stealthy, inline, EPT-like hooks using SMAP and SMEP☆63Oct 19, 2024Updated last year
- Loading and executing shellcode in C# without PInvoke.☆22Jan 10, 2022Updated 4 years ago
- ☆55Mar 26, 2025Updated last year
- VMProtect2 Deobfuscation Tooling☆108Nov 12, 2025Updated 5 months ago
- ☆69Updated this week
- Load Dll into Kernel space☆39Aug 23, 2022Updated 3 years ago
- Template for UEFI runtime drivers written in Rust with serial logging and debugging support.☆62Oct 9, 2020Updated 5 years ago