Updated version of System Management Mode backdoor for UEFI based platforms: old dog, new tricks
☆357 · Nov 3, 2023 · Updated 2 years ago
Alternatives and similar repositories for SmmBackdoorNg
Users that are interested in SmmBackdoorNg are comparing it to the libraries listed below
- SMM rootkit similar to LoJax or MosaicRegressor ☆146 · Nov 1, 2023 · Updated 2 years ago
- ☆275 · Sep 2, 2025 · Updated 6 months ago
- alternative smm driver for ryzen motherboards ☆189 · Oct 12, 2024 · Updated last year
- Autonomous pre-boot DMA attack hardware implant for M.2 slot based on PicoEVB development board ☆101 · Oct 21, 2023 · Updated 2 years ago
- PCI Express DIY hacking toolkit for Xilinx SP605. This repository is also home of Hyper-V Backdoor and Boot Backdoor, check readme for li… ☆854 · Updated this week
- Experimental Windows x64 Kernel Rootkit with anti-rootkit evasion features. ☆591 · Aug 2, 2025 · Updated 7 months ago
- First open source and publicly available System Management Mode backdoor for UEFI based platforms. Good as general purpose playground for… ☆629 · Oct 9, 2023 · Updated 2 years ago
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard ☆269 · Aug 31, 2022 · Updated 3 years ago
- ☆361 · May 11, 2025 · Updated 9 months ago
- UEFI and SMM Assessment Tool ☆214 · Nov 21, 2024 · Updated last year
- Admin to Kernel code execution using the KSecDD driver ☆264 · Apr 19, 2024 · Updated last year
- PoC Implementation of a fully dynamic call stack spoofer ☆921 · Jul 20, 2024 · Updated last year
- The report and the exploit of CVE-2021-26943, the kernel-to-SMM local privilege escalation vulnerability in ASUS UX360CA BIOS version 303… ☆145 · Mar 29, 2021 · Updated 4 years ago
- A small bootkit which does not rely on x64 assembly. ☆511 · Aug 29, 2019 · Updated 6 years ago
- HyperDeceit is the ultimate all-in-one library that emulates Hyper-V for Windows, giving you the ability to intercept and manipulate oper… ☆379 · Jun 3, 2023 · Updated 2 years ago
- Another UEFI runtime bootkit ☆37 · May 8, 2023 · Updated 2 years ago
- Load a dynamic library from memory by modifying the native Windows loader ☆286 · Jun 18, 2025 · Updated 8 months ago
- The Definitive Guide To Process Cloning on Windows ☆543 · Jan 3, 2024 · Updated 2 years ago
- Recursive and arbitrary code execution at kernel-level without a system thread creation ☆159 · Apr 13, 2023 · Updated 2 years ago
- Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel. ☆243 · Sep 26, 2023 · Updated 2 years ago
- Using Windows' own bootloader as a shim to bypass Secure Boot ☆226 · Jul 17, 2024 · Updated last year
- baton drop (CVE-2022-21894): Secure Boot Security Feature Bypass Vulnerability ☆350 · Sep 27, 2023 · Updated 2 years ago
- PoCs for Kernelmode rootkit techniques research. ☆432 · Nov 4, 2025 · Updated 4 months ago
- A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls. ☆411 · Jan 11, 2026 · Updated last month
- For when DLLMain is the only way ☆424 · Oct 29, 2024 · Updated last year
- Implementation of Advanced Module Stomping and Heap/Stack Encryption ☆225 · Jul 25, 2023 · Updated 2 years ago
- Dont Call Me Back - Dynamic kernel callback resolver. Scan kernel callbacks in your system in a matter of seconds! ☆251 · Jul 9, 2024 · Updated last year
- Rusty Bootkit - Windows UEFI Bootkit in Rust (Codename: RedLotus) ☆563 · Sep 12, 2023 · Updated 2 years ago
- ☆42 · Feb 18, 2025 · Updated last year
- Bootkit for Windows Sandbox to disable DSE/PatchGuard. ☆320 · Oct 13, 2024 · Updated last year
- Finding Truth in the Shadows ☆123 · Jan 26, 2023 · Updated 3 years ago
- Demystifying PatchGuard is a comprehensive analysis of Microsoft's security feature called PatchGuard, which is designed to prevent unaut… ☆132 · Apr 26, 2023 · Updated 2 years ago
- ROP-based sleep obfuscation to evade memory scanners ☆376 · Jun 22, 2025 · Updated 8 months ago
- Black Angel is a Windows 11/10 x64 kernel mode rootkit. Rootkit can be loaded with enabled DSE while maintaining its full functionality. ☆677 · Nov 9, 2023 · Updated 2 years ago
- Cobalt Strike UDRL for memory scanner evasion. ☆1,006 · Jun 4, 2024 · Updated last year
- Stack Spoofing with Synthetic frames based on the work of namazso, SilentMoonWalk, and VulcanRaven ☆263 · Oct 16, 2024 · Updated last year
- SMM UEFI module and client for UMD privilege escalation ☆66 · May 29, 2025 · Updated 9 months ago
- uefi diskless persistence technique + OVMF secureboot bypass ☆95 · Apr 22, 2024 · Updated last year
- Hooking Windows' exception dispatcher to protect process's PML4 ☆227 · Jan 24, 2025 · Updated last year