Stars
Simple proof of concept showing how you can use Discord's in-game internal module to draw on top of the game (even if the game is in fullscreen) from an external application without modifying any D…
Advanced usermode anti-anti-debugger. Forked from https://bitbucket.org/NtQuery/scyllahide
Development of the dumpspace project.
Fast and lightweight x86/x86-64 disassembler and code generation library
Simple proof of concept kernel mode driver hooking tpm.sys dispatch to randomize any public key reads
Hypervisor based anti anti debug plugin for x64dbg
Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
Abusing the NVIDIA driver (nvoclock.sys) for physical/virtual memory and control register manipulation.
Virtual and physical memory hacking library using a vulnerable Gigabyte driver
A bunch of certificates from the Hacking Team leak
Proof of concept on how to bypass some limitations of a manually mapped driver
Scrape GrayHat Warfare for leaked code signing certificates. Outputs certificate hashes to crack with JtR
Manually map an unsigned driver over signed memory
Use RTCore64 to map your driver on Windows 11.
Loads a signed kernel driver which allows you to map any driver to kernel mode without any traces of the signed / mapped driver.
KDMapper is a simple tool that exploits iqvw64e.sys Intel driver to manually map non-signed drivers in memory
A very simple C++ library for downloading PDBs and getting the RVA of functions and global variables and offsets from structs.
PoC EFI runtime driver for memory r/w & kdmapper fork
Achieve arbitrary kernel reads/writes/function calls in Hypervisor-Protected Code Integrity (HVCI) protected environments without admin permissions or kernel drivers.
Usermode driver mapper that forcefully loads any signed kernel driver (legit cert) with a big enough section (example: .data, .rdata) to map your driver over. The main focus of this project is to p…