Cr4sh / efiXplorer
IDA plugin for UEFI firmware analysis and reverse engineering automation
☆10 Updated 2 years ago
Related projects:
- ☆26 Updated this week
- r0ak ("roak") is the Ring 0 Army Knife -- A Command Line Utility To Read/Write/Execute Ring Zero on Windows 10 Systems ☆10 Updated 6 years ago
- Plugins related to LeechCore ☆29 Updated 2 weeks ago
- Take back control of Windows Code Integrity, no exploits or patching required! Requires that you control your own Platform Key (PK). ☆36 Updated 2 years ago
- Exploits pack for the Windows Kernel mode driver HackSysExtremeVulnerableDriver written for educational purposes. ☆62 Updated 2 years ago
- Helper Script to convert a Windbg dumped structure (using the 'dt' command) into a C structure. It creates dummy structs for you if neede… ☆26 Updated last year
- Hooking the GDT - Installing a Call Gate. POC for Rootkit Arsenal Book Second Edition (version 2022) ☆69 Updated last year
- Rekall Memory Forensic Framework ☆29 Updated 5 years ago
- arbitrary kernel read/write in dbutil_2_3.sys, Proof of Concept Local Privilege Escalation to nt authority/system ☆52 Updated 2 years ago
- This x64dbg plugin allows you to upload your sample to Malcore and view the results. ☆31 Updated last year
- SMM UEFI module and client for UMD privilege escalation ☆28 Updated last year
- NT AUTHORITY\SYSTEM ☆37 Updated 4 years ago
- An attempt at replicating BLACKLOTUS capabilities, whilst not acting as a direct mimic. ☆81 Updated last year
- using the Recycle Bin to ensure persistence ☆11 Updated 2 years ago
- Exploit POC for CVE-2024-36877 ☆42 Updated last month
- Neutralize KEPServerEX anti-debugging techniques ☆30 Updated last year
- Code injection from Linux kernel to a process ☆19 Updated last year
- ☆8 Updated 2 months ago
- Win64 UEFI Driver-based tool for unrestricted memory R/W ☆24 Updated 2 years ago
- Lightweight Threat Detection System - (Base) ☆14 Updated 5 months ago
- A packed & protected Module Loader and more, for 64-bit Windows ☆28 Updated 3 years ago
- Information about a signed UEFI Shell that can be used when Secure Boot is enabled. ☆76 Updated 3 years ago
- Parser for a custom executable format from Hidden Bee malware (first stage) ☆39 Updated last week
- 2022 Updated Kernelmode-Code ☆29 Updated 5 months ago
- UPDATED 2022 Flame malware source code available !! Forked. I will later provide my sample of Flame, Duqu and Gauss. ☆18 Updated 6 months ago
- ☆27 Updated 8 years ago
- A thin introspection hypervisor framework that allows for low level resource manipulation. ☆9 Updated 7 months ago
- Python 3 - Manipulation and conversation with different data type (Bytes operations) ☆26 Updated 2 years ago
- ASUSTeK AsIO3 I/O driver unlock ☆19 Updated 3 years ago
- LOJAX ROOTKIT (UEFI) +PDF Included[x] ☆25 Updated last year