blair1922

BlairInjector

Ring0 meme wey

pipedriver

Communicate from ring-0 to ring-3 using NamedPipes.

HdeWrapper

Find your offsets the cool way, :)

wardenrekter

Emulate OW2 AC

ssdtmeme

Demonstrates SSDT hooking, technique often used by BattlEye. Only works in ring-0 privileges

InterDKOM

Kernelmode driver with hijacked IOCTL payload, physical memory support and DTB bruteforce

VulnKernelDriver-GLC

ValorantOffsets

Always updated and freshly dumped with HdeWrapper

EasyAntiCheat-Emulator

Simple DLL that spoofs EasyAntiCheat on most games

smart-uefi

communicate through EFI variables without an EFI driver

Base

OnlyCerts-POC

Whitelist certificates from ring3, cba add integrity checks to prevent program for being tampered with

shmb

runtime shared memory ring0 example

Awesome-Bootkits-Rootkits-Development

A curated compilation of extensive resources dedicated to bootkit and rootkit development.

BlackLotus

BlackLotus UEFI Windows Bootkit

blairhv

x64 intel hypervisor with vmcs, vmx and physical page support

EfiCMake

CMake template for a basic EFI application/bootkit. This library is header-only, there is no EDK2 runtime!).

FecurityCODWebApi

Run on flask on VPS, used for auto page translation

Hyper-V-scripts

Hyper-V scripts

Memeory

Unlock paging table accesses on Windows.

memflow

physical memory introspection framework

ultracage

Config files for my GitHub profile.

umap

Temp repo to spoof btbd/umap edit date

unvirt_driver

tested on vgk

vmread-rs

Rust bindings for vmread

W10M_unedited-decomp

Pure Hex-rays Decompiler Psudocode of various Windows 10 Mobile binaries, No edit have been done to the output, you will need to piece together each function, class etc.Provided "as-is"