Pinned Repositories
barevisor
A bare minimum hypervisor on AMD and Intel processors for learners.
DdiMon
Monitoring and controlling kernel API calls with stealth hook using EPT
ExploitCapcom
This is a standalone exploit for a vulnerable feature in Capcom.sys
HyperPlatform
Intel VT-x based hypervisor aiming to provide a thin VM-exit filtering platform on Windows.
Hypervisor-101-in-Rust
The materials of "Hypervisor 101 in Rust", a one-day long course, to quickly learn hardware-assisted virtualization technology and its application for high-performance fuzzing on Intel/AMD processors.
MemoryMon
Detecting execution of kernel memory where is not backed by any image file
MiniVisorPkg
The research UEFI hypervisor that supports booting an operating system.
PgResarch
PatchGuard Research
SimpleSvm
A minimalistic educational hypervisor for Windows on AMD processors.
SimpleSvmHook
SimpleSvmHook is a research purpose hypervisor for Windows on AMD processors.
tandasat's Repositories
tandasat/HyperPlatform
Intel VT-x based hypervisor aiming to provide a thin VM-exit filtering platform on Windows.
tandasat/DdiMon
Monitoring and controlling kernel API calls with stealth hook using EPT
tandasat/Hypervisor-101-in-Rust
The materials of "Hypervisor 101 in Rust", a one-day long course, to quickly learn hardware-assisted virtualization technology and its application for high-performance fuzzing on Intel/AMD processors.
tandasat/MiniVisorPkg
The research UEFI hypervisor that supports booting an operating system.
tandasat/SimpleSvm
A minimalistic educational hypervisor for Windows on AMD processors.
tandasat/barevisor
A bare minimum hypervisor on AMD and Intel processors for learners.
tandasat/ExploitCapcom
This is a standalone exploit for a vulnerable feature in Capcom.sys
tandasat/scripts_for_RE
Python scripts for reverse engineering.
tandasat/hvext
The Windbg extensions to study Hyper-V on Intel and AMD processors.
tandasat/WinIoCtlDecoder
IDA Plugin which decodes Windows Device I/O control code into DeviceType, FunctionCode, AccessType and MethodType.
tandasat/WPBT-Builder
The simple UEFI application to create a Windows Platform Binary Table (WPBT) from the UEFI shell.
tandasat/UEFI-BIOS-Security
Security Camp 2021 & GCC 2022
tandasat/Hello-VT-rp
A simple hypervisor demonstrating the use of the Intel VT-rp (redirect protection) technology.
tandasat/CVE-2023-36427
Report and exploit of CVE-2023-36427
tandasat/HelloIommuPkg
The sample DXE runtime driver demonstrating how to program DMA remapping.
tandasat/DumpVTable
Generates a Python script to give public interface names in an ActiveX file to an IDB file.
tandasat/CVE-2022-25949
A years-old exploit of a local EoP vulnerability in Kingsoft Antivirus KWatch Driver version 2009.3.17.77.
tandasat/CVE-2024-21305
Report and exploit of CVE-2024-21305.
tandasat/recon2024_demo
Provides commands to read from and write to arbitrary kernel-mode memory for users with the Administrator privilege. HVCI compatible. No test signing mode is required.
tandasat/tandasat.github.io
tandasat/ia32-doc
IA32-doc is a project which aims to put as many definitions from the Intel Manual into machine-processable format as possible
tandasat/List-UEFI-Configuration-Tables
List UEFI Configuration Tables
tandasat/awesome-virtualization
Collection of resources about Virtualization
tandasat/blog
https://tandasat.github.io/blog/
tandasat/efiSeek
Ghidra analyzer for UEFI firmware.
tandasat/Bochs
Bochs - Cross Platform x86 Emulator Project
tandasat/Sealighter
Sysmon-Like research tool for ETW
tandasat/tandasat
tandasat/rust
Empowering everyone to build reliable and efficient software.
tandasat/stdarch
Rust's standard library vendor-specific APIs and run-time feature detection