zodiacon / QuickAsm
Simple x86/x64 Assembler/Disassembler/Emulator
☆169 · Updated 3 months ago
Related projects
Alternatives and complementary repositories for QuickAsm
- masm32 kernel programming, drivers, tutorials, examples, and tools (credits Four-F) ☆115 · Updated last year
- Recon 2023 slides and code ☆78 · Updated last year
- Single header version of System Informer's phnt library. ☆184 · Updated 2 weeks ago
- Process Injection using Thread Name ☆240 · Updated 2 months ago
- msdocsviewer is a simple tool that parses Microsoft's win32 API and driver documentation to be used within IDA. ☆148 · Updated 10 months ago
- A list of excellent resources for anyone to deepen their understanding with regards to Windows Kernel Exploitation and general low level … ☆121 · Updated 2 years ago
- LLVM plugin to transparently apply stack spoofing and indirect syscalls to Windows x64 native calls at compile time. ☆255 · Updated 9 months ago
- A small x64 library to load dll's into memory. ☆424 · Updated last year
- Admin to Kernel code execution using the KSecDD driver ☆237 · Updated 6 months ago
- Debugger Anti-Detection Benchmark ☆290 · Updated 11 months ago
- Post exploitation technique to turn arbitrary kernel write / increment into full read/write primitive on Windows 11 22H2 ☆221 · Updated 2 years ago
- Advanced driver monitoring utility. ☆201 · Updated 2 years ago
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard ☆236 · Updated 2 years ago
- RISC-V Virtual Machine ☆201 · Updated last week
- Recursive and arbitrary code execution at kernel-level without a system thread creation ☆154 · Updated last year
- Implementation of Advanced Module Stomping and Heap/Stack Encryption ☆208 · Updated last year
- Side-by-side comparison of the Windows and Linux (GNU) Loaders ☆287 · Updated 2 months ago
- Kernel-mode Paravirtualization in Ring 2, LLVM based linker, and some other things! ☆249 · Updated 2 weeks ago
- Collection of hypervisor detections ☆182 · Updated last month
- WinDbg extension written in Rust to dump the CPU / memory state of a running VM ☆111 · Updated this week
- Native API online documentation, based on the System Informer (formerly Process Hacker) phnt headers ☆157 · Updated 2 weeks ago
- Bootkit for Windows Sandbox to disable DSE/PatchGuard. ☆259 · Updated 3 weeks ago
- Achieve arbitrary kernel read/writes/function calling in Hypervisor-Protected Code Integrity (HVCI) protected environments calling withou… ☆174 · Updated 2 weeks ago
- Native code virtualizer for x64 binaries ☆398 · Updated this week
- For when DLLMain is the only way ☆349 · Updated 2 weeks ago
- An automation plugin for Tiny-Tracer framework to trace and watch functions directly out of the executable's import table or trace logs (… ☆109 · Updated 4 months ago
- Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel. ☆220 · Updated last year
- A tutorial on how to write a packer for Windows! ☆245 · Updated 10 months ago
- A tool that is used to hunt vulnerabilities in x64 WDM drivers ☆163 · Updated 10 months ago
- The Windbg extension that implements commands helpful to study Hyper-V on Intel processors. ☆129 · Updated 3 weeks ago