Cr4sh / pico_dma
Autonomous pre-boot DMA attack hardware implant for M.2 slot based on PicoEVB development board
☆64 · Updated last year
Related projects
Alternatives and complementary repositories for pico_dma
- SMM UEFI module and client for UMD privilege escalation ☆30 · Updated last year
- Abusing exceptions for code execution. ☆107 · Updated last year
- The Windbg extension that implements commands helpful to study Hyper-V on Intel processors. ☆130 · Updated last month
- BYOVD: Loading dbk64.sys and grabbing a handle to it ☆149 · Updated 2 years ago
- Finding Truth in the Shadows ☆84 · Updated last year
- CMake template for a basic EFI application/bootkit. (This library is header-only, there is no EDK2 runtime!) ☆76 · Updated 2 years ago
- Research on obfuscated licensing APIs / CLIP service in the Windows kernel ☆86 · Updated 2 years ago
- An attempt at replicating BLACKLOTUS capabilities, whilst not acting as a direct mimic. ☆85 · Updated last year
- Demystifying PatchGuard is a comprehensive analysis of Microsoft's security feature called PatchGuard, which is designed to prevent unaut… ☆106 · Updated last year
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard ☆237 · Updated 2 years ago
- Report and exploit of CVE-2023-36427 ☆87 · Updated 11 months ago
- Another UEFI runtime bootkit ☆30 · Updated last year
- Compact MBR Bootkit for Windows ☆44 · Updated 2 years ago
- A journal for $6,000 Riot Vanguard bounty. ☆57 · Updated last year
- An x64dbg plugin which helps make sense of long C++ symbols ☆59 · Updated last year
- uefi diskless persistence technique + OVMF secureboot bypass ☆52 · Updated 6 months ago
- Resolve DOS MZ executable symbols at runtime ☆93 · Updated 3 years ago
- A tool that is used to hunt vulnerabilities in x64 WDM drivers ☆163 · Updated 10 months ago
- Me fockin' pe protector ☆45 · Updated 2 years ago
- Kernel driver for detecting Intel VT-x hypervisors. ☆170 · Updated last year
- Windows kernel debugger for Linux hosts running Windows under KVM/QEMU ☆57 · Updated 3 weeks ago
- Report and exploit of CVE-2024-21305. ☆30 · Updated 10 months ago
- PoC that measures how long it takes the CPU to execute the CPUID instruction and reports if it suspects a VM. Works on both Windows and L… ☆23 · Updated 4 years ago
- Binary Ninja plugin that can be used to apply Triton's dead store elimination pass on basic blocks or functions. ☆58 · Updated 4 months ago
- A simple hypervisor demonstrating the use of the Intel VT-rp (redirect protection) technology. ☆91 · Updated 7 months ago
- Converted phnt (Native API header files from the System Informer project) to IDA TIL, IDC (Hex-Rays). ☆115 · Updated 2 months ago
- Achieve arbitrary kernel read/writes/function calling in Hypervisor-Protected Code Integrity (HVCI) protected environments calling withou… ☆178 · Updated 3 weeks ago
- WinLicense key extraction via Intel PIN ☆79 · Updated 7 months ago
- Unicorn Engine port for UEFI firmware ☆44 · Updated 6 months ago
- A large collection of 32bit and 64bit PE files useful for verifying the correctness of bin2bin transformations ☆46 · Updated 3 months ago