Pinned Repositories
DdiMon
Monitoring and controlling kernel API calls with stealth hook using EPT
ExploitCapcom
This is a standalone exploit for a vulnerable feature in Capcom.sys
hvext
The Windbg extension that implements commands helpful to study Hyper-V on Intel processors.
HyperPlatform
Intel VT-x based hypervisor aiming to provide a thin VM-exit filtering platform on Windows.
Hypervisor-101-in-Rust
The materials of "Hypervisor 101 in Rust", a one-day long course, to quickly learn hardware-assisted virtualization technology and its application for high-performance fuzzing on Intel/AMD processors.
MemoryMon
Detecting execution of kernel memory where is not backed by any image file
MiniVisorPkg
The research UEFI hypervisor that supports booting an operating system.
PgResarch
PatchGuard Research
SimpleSvm
A minimalistic educational hypervisor for Windows on AMD processors.
SimpleSvmHook
SimpleSvmHook is a research purpose hypervisor for Windows on AMD processors.
tandasat's Repositories
tandasat/HyperPlatform
Intel VT-x based hypervisor aiming to provide a thin VM-exit filtering platform on Windows.
tandasat/DdiMon
Monitoring and controlling kernel API calls with stealth hook using EPT
tandasat/Hypervisor-101-in-Rust
The materials of "Hypervisor 101 in Rust", a one-day long course, to quickly learn hardware-assisted virtualization technology and its application for high-performance fuzzing on Intel/AMD processors.
tandasat/MiniVisorPkg
The research UEFI hypervisor that supports booting an operating system.
tandasat/SimpleSvm
A minimalistic educational hypervisor for Windows on AMD processors.
tandasat/ExploitCapcom
This is a standalone exploit for a vulnerable feature in Capcom.sys
tandasat/barevisor
A bare minimum hypervisor on AMD and Intel processors for learners.
tandasat/scripts_for_RE
Python scripts for reverse engineering.
tandasat/SmmExploit
The report and the exploit of CVE-2021-26943, the kernel-to-SMM local privilege escalation vulnerability in ASUS UX360CA BIOS version 303.
tandasat/hvext
The Windbg extension that implements commands helpful to study Hyper-V on Intel processors.
tandasat/UEFI-BIOS-Security
Security Camp 2021 & GCC 2022
tandasat/WinIoCtlDecoder
IDA Plugin which decodes Windows Device I/O control code into DeviceType, FunctionCode, AccessType and MethodType.
tandasat/WPBT-Builder
The simple UEFI application to create a Windows Platform Binary Table (WPBT) from the UEFI shell.
tandasat/HelloSmm
This is an instruction to run your own SMM code.
tandasat/Hello-VT-rp
A simple hypervisor demonstrating the use of the Intel VT-rp (redirect protection) technology.
tandasat/CVE-2023-36427
Report and exploit of CVE-2023-36427
tandasat/HelloIommuPkg
The sample DXE runtime driver demonstrating how to program DMA remapping.
tandasat/DumpVTable
Generates a Python script to give public interface names in an ActiveX file to an IDB file.
tandasat/CVE-2022-25949
A years-old exploit of a local EoP vulnerability in Kingsoft Antivirus KWatch Driver version 2009.3.17.77.
tandasat/CVE-2024-21305
Report and exploit of CVE-2024-21305.
tandasat/tandasat.github.io
tandasat/ia32-doc
IA32-doc is a project which aims to put as many definitions from the Intel Manual into machine-processable format as possible
tandasat/recon2024_demo
Provides commands to read from and write to arbitrary kernel-mode memory for users with the Administrator privilege. HVCI compatible. No test signing mode is required.
tandasat/List-UEFI-Configuration-Tables
List UEFI Configuration Tables
tandasat/awesome-virtualization
Collection of resources about Virtualization
tandasat/blog
https://tandasat.github.io/blog/
tandasat/Bochs
Bochs - Cross Platform x86 Emulator Project
tandasat/efiSeek
Ghidra analyzer for UEFI firmware.
tandasat/Sealighter
Sysmon-Like research tool for ETW
tandasat/tandasat