Cr4sh / SmmBackdoorNg
Updated version of System Management Mode backdoor for UEFI based platforms: old dog, new tricks
☆307 Updated last year
Alternatives and similar repositories for SmmBackdoorNg:
Users who are interested in SmmBackdoorNg are comparing it to the repositories listed below:
- Vulnerable driver research tool, result and exploit PoCs ☆192 Updated last year
- Admin to Kernel code execution using the KSecDD driver ☆244 Updated last year
- Post exploitation technique to turn arbitrary kernel write / increment into full read/write primitive on Windows 11 22H2 ☆226 Updated 2 years ago
- A tool that is used to hunt vulnerabilities in x64 WDM drivers ☆194 Updated 3 weeks ago
- HyperDeceit is the ultimate all-in-one library that emulates Hyper-V for Windows, giving you the ability to intercept and manipulate oper… ☆360 Updated last year
- Rusty Bootkit - Windows UEFI Bootkit in Rust (Codename: RedLotus) ☆526 Updated last year
- SMM rootkit similar to LoJax or MosaicRegressor ☆117 Updated last year
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard ☆244 Updated 2 years ago
- LLVM plugin to transparently apply stack spoofing and indirect syscalls to Windows x64 native calls at compile time. ☆280 Updated last year
- Achieve arbitrary kernel read/writes/function calling in Hypervisor-Protected Code Integrity (HVCI) protected environments calling withou… ☆198 Updated 5 months ago
- Single header version of System Informer's phnt library. ☆210 Updated last week
- Driver Buddy Reloaded is an IDA Pro Python plugin that helps automate some tedious Windows Kernel Drivers reverse engineering tasks ☆351 Updated 5 months ago
- A small x64 library to load dll's into memory. ☆437 Updated last year
- Proof of Concept for manipulating the Kernel Callback Table in the Process Environment Block (PEB) to perform process injection and hijac… ☆211 Updated 5 months ago
- Hijacking valid driver services to load arbitrary (signed) drivers abusing native symbolic links and NT paths ☆328 Updated 8 months ago
- The Definitive Guide To Process Cloning on Windows ☆471 Updated last year
- masm32 kernel programming, drivers, tutorials, examples, and tools (credits Four-F) ☆121 Updated last year
- Using Windows' own bootloader as a shim to bypass Secure Boot ☆169 Updated 9 months ago
- PoC Anti-Rootkit/Anti-Cheat Driver. ☆186 Updated 6 months ago
- PoC Implementation of a fully dynamic call stack spoofer ☆760 Updated 8 months ago
- Experimental Windows x64 Kernel Rootkit with anti-rootkit evasion features. ☆531 Updated last month
- Exploitable drivers, you know what I mean ☆132 Updated last year
- PoCs for Kernelmode rootkit techniques research. ☆365 Updated 2 months ago
- baton drop (CVE-2022-21894): Secure Boot Security Feature Bypass Vulnerability ☆321 Updated last year
- Lenovo Diagnostics Driver EoP - Arbitrary R/W ☆172 Updated 2 years ago
- Collection of hypervisor detections ☆230 Updated 6 months ago
- Process Injection using Thread Name ☆256 Updated 7 months ago
- Reverse engineering winapi function loadlibrary. ☆188 Updated 2 years ago
- RISC-V Virtual Machine ☆216 Updated last month
- msdocsviewer is a simple tool that parses Microsoft's win32 API and driver documentation to be used within IDA. ☆151 Updated last year