DanielAvinoam / WindowsKernelProgrammingBook

Related projects ⓘ

Alternatives and complementary repositories for WindowsKernelProgrammingBook

• jbaines-r7 / dellicious
  Enabled / Disable LSA Protection via BYOVD
  ☆62Updated 2 years ago
• hackerhouse-opensource / envschtasksuacbypass
  Bypass UAC elevation on Windows 8 (build 9600) & above.
  ☆53Updated 2 years ago
• elddy / Windows-NTAPI-Injector
  Inject shellcode to process using Windows NTAPI for bypassing EDRs and Antiviruses
  ☆40Updated 3 years ago
• whokilleddb / A-Study-in-Obfuscation
  A Study in Obfuscation: Analyzing the effect of various techniques to bypass AV engines
  ☆41Updated 2 years ago
• iammaguire / Salient-Rootkit
  A kernel mode Windows rootkit in development.
  ☆49Updated 2 years ago
• OxNinja / C-VM
  My try to implement a virtual CPU in C
  ☆19Updated 11 months ago
• V3ded / Blog-Lab
  Source files for my posts
  ☆15Updated last year
• ReCryptLLC / CVE-2022-42045
  ☆37Updated last year
• namazso / PEDiffGen
  Subtract one PE file from another!
  ☆19Updated 3 years ago
• rad9800 / BloatedHammer
  API Hammering with C++20
  ☆34Updated 2 years ago
• 7eRoM / elam
  A Practical example of ELAM (Early Launch Anti-Malware)
  ☆30Updated 3 years ago
• 0vercl0k / inject
  Yet another Windows DLL injector.
  ☆38Updated 2 years ago
• ASkyeye / CVE-2018-19320
  Exploiting ring0 memcpy-like functionality to disable Driver Signing Enforcement (DSE)
  ☆20Updated 4 years ago
• farinap5 / bitmap4shell
  A (quite) simple steganography algorithm to hide shellcodes within bitmap image.
  ☆21Updated 6 months ago
• bharadwajyas / ppdump-public
  Protected Process (Light) Dump: Uses Zemana AntiMalware Engine To Open a Privileged Handle to a PP/PPL Process And Inject MiniDumpWriteDu…
  ☆22Updated 4 years ago
• Yaxser / Itaskhandler
  Implementation of ITaskHandler in C++
  ☆12Updated last year
• AlionGreen / apc-injection
  Process Injection: APC Injection
  ☆27Updated 3 years ago
• bananabr / Givemeahand
  A PoC tool for exploiting leaked process and thread handles
  ☆30Updated 8 months ago
• st4ckh0und / hook-buster
  A compact tool for detecting AV/EDR hooks in default Windows libraries.
  ☆29Updated 2 years ago
• hid3rx / GhostWriting
  ☆22Updated last year
• Wra7h / PEResourceInject
  ☆53Updated 2 years ago
• Ap3x / COFF-Loader
  A reimplementation of Cobalt Strike's Beacon Object File (BOF) Loader
  ☆39Updated 10 months ago
• OtterHacker / CoffLoader
  ☆48Updated last year
• theabysslabs / CVE-2022-21881
  POC of CVE-2022-21881 exploited at TianfuCup 2021 to escape Chrome Sandbox
  ☆20Updated 2 years ago
• ommadawn46 / HEVD-BufferOverflowNonPagedPoolNx-Win10-22H2
  HEVD Exploit: BufferOverflowNonPagedPoolNx on Windows 10 22H2 - Escalating from Low Integrity to SYSTEM via Aligned Chunk Confusion
  ☆39Updated 3 months ago
• Hagrid29 / herpaderply_hollowing
  Herpaderply Hollowing - a PE injection technique, hybrid between Process Hollowing and Process Herpaderping
  ☆45Updated 2 years ago
• CodeXTF2 / BusySleepBeacon
  This is a simple project made to evade https://github.com/thefLink/Hunt-Sleeping-Beacons by using a busy wait instead of beacon's built i…
  ☆30Updated 2 years ago
• PorLaCola25 / PPID-Spoofing
  POC of PPID spoofing using NtCreateUserProcess with syscalls to create a suspended process and performing process injection by overwritti…
  ☆38Updated 3 years ago
• boku7 / x64win-DynamicNoNull-WinExec-PopCalc-Shellcode
  64bit WIndows 10 shellcode dat pops dat calc - Dynamic & Null Free
  ☆58Updated last year