hvcv

[64位VT基本框架更新中....]

简单的64位VT cpu虚拟化，启用ept，利用EPT Violation实现内核API的inline hook，RW和X分挂不同的页面，实现所谓的无痕HOOK，测试时Hook了NtTerminateProcess，对notepad进程的退出做了监控
使用尽量简单的语法，以及语言特性，主要是为了学习和理解

测试环境：win10 21h2,win7 7601(虚拟机)

reference:

https://rayanfam.com/topics/hypervisor-from-scratch-part-6/

https://github.com/tandasat/HyperPlatform

https://github.com/zzhouhe/VT_Learn

https://github.com/haidragon/newbluepill

https://github.com/Gbps/gbhv

<<64-ia-32--system-programming-manual-vol-3.pdf>>

<<处理器虚拟化技术>>

...........

PS：win10 21H2 物理机测试开启EPT触发KERNEL_SECURITY_CHEKC BSOD，后面也就再没折腾，单纯是出于兴趣，另外，本人并不是写挂的!

Name		Name	Last commit message	Last commit date
Latest commit History 11 Commits
png		png
.gitattributes		.gitattributes
.gitignore		.gitignore
CVDpc.h		CVDpc.h
CVEpt.c		CVEpt.c
CVEpt.h		CVEpt.h
CVEventInject.c		CVEventInject.c
CVEventInject.h		CVEventInject.h
CVGlobalVaribles.h		CVGlobalVaribles.h
CVSetVMCS.c		CVSetVMCS.c
CVSetVMCS.h		CVSetVMCS.h
CVasm.asm		CVasm.asm
CVdriver.c		CVdriver.c
CVvmcall.c		CVvmcall.c
CVvmcall.h		CVvmcall.h
CVvmexitEntry.c		CVvmexitEntry.c
CVvmexitEntry.h		CVvmexitEntry.h
CVvmutil.c		CVvmutil.c
CVvmutil.h		CVvmutil.h
LDE64x64.lib		LDE64x64.lib
README.md		README.md
SSDT.c		SSDT.c
SSDT.h		SSDT.h
common.h		common.h
hook.c		hook.c
hook.h		hook.h
hvcv.sln		hvcv.sln
hvcv.vcxproj		hvcv.vcxproj
hvcv.vcxproj.filters		hvcv.vcxproj.filters
lde64.h		lde64.h
selector.c		selector.c
selector.h		selector.h

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

hvcv

About

Releases

Packages

Languages

Jhinxs/hvcv

Folders and files

Latest commit

History

Repository files navigation

hvcv

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages