DownWithUp / DynamicKernelShellcode

Related projects: ⓘ

• hoangprod / DanSpecial
  Weaponizing Gigabyte driver for priv escalation and bypass PPL
  ☆68Updated 5 years ago
• yardenshafir / MitigationFlagsCliTool
  Command like tool to print mitigation flags for running processes in a memory dump
  ☆41Updated 4 years ago
• redplait / armpatched
  clone of armadillo patched for windows
  ☆45Updated 5 months ago
• aaaddress1 / wowGrail
  PoC: Rebuild A New Path Back to the Heaven's Gate (HITB 2021)
  ☆100Updated 3 years ago
• IOActive / kmdf_re
  Helper idapython code for reversing kmdf drivers
  ☆68Updated 2 years ago
• uvbs / NT-APC-Injector
  APC DLL Injector with NtQueueApcThread and wake up thread support
  ☆44Updated 6 years ago
• bluefrostsecurity / Meltdown-KVA-Shadow-Leak
  ☆44Updated 4 years ago
• mathisvickie / CVE-2021-21551
  arbitrary kernel read/write in dbutil_2_3.sys, Proof of Concept Local Privilege Escalation to nt authority/system
  ☆52Updated 2 years ago
• xpn / RpcEnum
  An command-line RPC method enumerator, born out of RPCView's awesomeness
  ☆97Updated 5 years ago
• sgabe / SymlinkProtect
  File system minifilter driver for Windows to block symbolic link attacks.
  ☆51Updated 3 years ago
• jackullrich / Windows-API-Fuzzer
  Designed to learn OS specific anti-emulation patterns by fuzzing the Windows API.
  ☆94Updated 4 years ago
• hidd3ncod3s / WindowsAPIhash
  Windows API Hashes used in the malwares
  ☆38Updated 9 years ago
• ionescu007 / hazmat5
  Local OXID Resolver (LCLOR) : Research and Tooling
  ☆31Updated 3 years ago
• SinaKarvandi / x64-Driver-Inline-Assembly
  This is a simple driver with x64 inline assembly
  ☆52Updated 4 years ago
• VoidSec / ioctlpus
  IOCTLpus can be used to make DeviceIoControl requests with arbitrary inputs (with functionality somewhat similar to Burp Repeater).
  ☆81Updated 2 years ago
• LloydLabs / dearg-thread-ipc-stealth
  A novel technique to communicate between threads using the standard ETHREAD structure
  ☆108Updated 3 years ago
• rjt-gupta / CVE-2021-29337
  CVE-2021-29337 - Privilege Escalation in MODAPI.sys (MSI Dragon Center)
  ☆29Updated 2 years ago
• NtRaiseHardError / Sysmon
  Sysmon shenanigans
  ☆65Updated 3 years ago
• SouhailHammou / KernelSymbolsHelper
  Retrieve pointers to undocumented kernel functions and offsets to members within undocumented structures to use in your driver by using t…
  ☆52Updated 5 years ago
• jbaines-r7 / dellicious
  Enabled / Disable LSA Protection via BYOVD
  ☆61Updated 2 years ago
• realoriginal / doublepulsar-poc
  ☆44Updated this week
• tandasat / CVE-2022-25949
  A years-old exploit of a local EoP vulnerability in Kingsoft Antivirus KWatch Driver version 2009.3.17.77.
  ☆35Updated 2 years ago
• alfarom256 / drivers_and_shit
  ☆56Updated 2 years ago
• therealdreg / cgaty
  Hooking the GDT - Installing a Call Gate. POC for Rootkit Arsenal Book Second Edition (version 2022)
  ☆69Updated last year
• redplait / pexphide
  PoC for hiding PE exports
  ☆65Updated 3 years ago
• elastic / PPLGuard
  ☆68Updated 11 months ago
• aaaddress1 / sakeInject
  Windows PE - TLS (Thread Local Storage) Injector in C/C++
  ☆102Updated 3 years ago
• hasherezade / libpeconv_tpl
  A ready-made template for a project based on libpeconv.
  ☆40Updated last year
• zerosum0x0 / heresy
  ☆49Updated this week
• kkent030315 / NtSymbol
  Resolve DOS MZ executable symbols at runtime
  ☆93Updated 2 years ago