insn's repositories
pipedriver
Communicate from ring-0 to ring-3 using NamedPipes.
wardenrekter
Kill most of Overwatch 2's core anti-debugger components. (if not all :D)
smart-uefi
communicate through EFI variables without an EFI driver
OnlyCerts-POC
Whitelist certificates from ring3, cba to add integrity checks to prevent the program from being tampered with
Awesome-Bootkits-Rootkits-Development
A curated compilation of extensive resources dedicated to bootkit and rootkit development.
BlackLotus
BlackLotus UEFI Windows Bootkit
blairhv
x64 intel hypervisor with vmcs, vmx and physical page support
EasyAntiCheat-Emulator
Simple DLL that spoofs EasyAntiCheat on most games
InterDKOM
Kernelmode driver with hijacked IOCTL payload, physical memory support and DTB bruteforce
Memeory
Unlock paging table accesses on Windows.
memflow
physical memory introspection framework
umap
Temp repo to spoof btbd/umap edit date
vmread-rs
Rust bindings for vmread
W10M_unedited-decomp
Pure Hex-Rays Decompiler pseudocode of various Windows 10 Mobile binaries. No edits have been made to the output; you will need to piece together each function, class, etc. Provided "as-is".