Stars
Powerful automated tool for reverse engineering Unity IL2CPP binaries
Emulate Drivers in RING3 with self context mapping or unicorn
xigmapper is a driver manual mapper that loads your driver before Vanguard, but after critical system infrastructure has been set up, allowing you to write your bypass without worrying about the in…
Achieve arbitrary kernel read/writes/function calling in Hypervisor-Protected Code Integrity (HVCI) protected environments without admin permissions or kernel drivers.
Dont Call Me Back - Dynamic kernel callback resolver. Scan kernel callbacks in your system in a matter of seconds!
Using CVE-2023-21768 to manual map kernel mode driver
KDP compatible unsigned driver loader leveraging a write primitive in one of the IOCTLs of gdrv.sys
A native hypervisor designed for the Windows operating system
Example of reading process memory through kernel special APC
A tiny PoC to inject and execute code into explorer.exe with WM_SETTEXT+WM_COPYDATA+SetThreadContext
A Windows Memory driver for game hacking purposes. Supports manual mapping with BlackBone and PastDSE.
Based off of [tarekwiz / League-Unpacker]
user23333 / ANGRYORCHARD
Forked from benheise/ANGRYORCHARD
A kernel exploit leveraging NtUserHardErrorControl to elevate a thread to KernelMode and achieve arbitrary kernel R/W & more.