Study AMD virtualization hardware by reading a working hypervisor built directly from AMD architecture manuals
Build a research substrate for observing or modifying Windows process memory below the OS layer
Experiment with memory-page hooking so that code reading a page sees different content than code executing it
Requires a third-party loader for unsigned drivers, because Windows blocks loading of unsigned kernel drivers
This is a hypervisor for Windows, written in C, that works exclusively on AMD processors. A hypervisor is a piece of software that can take control of a computer at a level below the operating system. Once this one loads, Windows keeps running normally, but the hypervisor now sits underneath it, able to observe and intercept certain operations.

The term "type-2" in the name refers to classification: a type-2 hypervisor runs inside an existing operating system rather than replacing it at boot. Here the trick is that after loading, the hypervisor places the already-running Windows instance into a guest virtual machine while the hypervisor itself takes the host position. From that point on, Windows does not know it is running inside a virtual machine.

The project requires a third-party driver loader to get started because Windows refuses to load drivers that have not been signed through its normal process. This repository only provides the hypervisor itself, not the loader.

Once running, the hypervisor exposes a small set of capabilities. It can read and write memory in any process on the system by directly walking the processor's memory translation tables, bypassing normal operating system checks. It can hook memory pages so that code reading a page and code executing that page see different content. It can hide memory ranges from outside observers. It also includes a special allocator that claims physical memory that Windows never knew existed, so the hypervisor's own data structures do not appear in any list the operating system tracks.

The README is explicit that this is a substrate: the technical building blocks are here, but it does not include any anti-cheat bypass code, mouse injection, API spoofing, or similar functionality. The author wrote it while studying the AMD processor architecture manuals and includes references to those documents throughout the source code. Comments and documentation vary in depth across different files.
Verify against the repo before relying on details.