This repo contains EXPs about vulnerable Windows drivers
☆47 May 22, 2024 Updated last year
Alternatives and similar repositories for Win-Driver-EXP
Users that are interested in Win-Driver-EXP are comparing it to the libraries listed below
- ☆88 Aug 16, 2025 Updated 6 months ago
- ☆145 Mar 29, 2025 Updated 11 months ago
- DSE & PG bypass via BYOVD attack ☆76 Jul 12, 2025 Updated 7 months ago
- Reimplementation of the KExecDD DSE bypass technique. ☆58 Sep 7, 2024 Updated last year
- ManageEngine ADManager Command Injection ☆11 Oct 2, 2023 Updated 2 years ago
- ☆193 Jul 29, 2024 Updated last year
- ☆42 Jun 23, 2024 Updated last year
- Ethereum single-contract transaction debugging tool ☆16 Jul 20, 2021 Updated 4 years ago
- ☆25 Jan 6, 2025 Updated last year
- using wnbios64.sys for arbitrary r/w ☆15 Oct 12, 2025 Updated 4 months ago
- Windows x64 DLL/Driver manual map injection on a non-present PML4E using physical memory read/writes, direct page table manipulation and … ☆85 Sep 28, 2025 Updated 5 months ago
- A series of exploits targeting eneio64.sys - Turning Physical Memory R/W into Virtual Memory R/W ☆116 Oct 19, 2025 Updated 4 months ago
- POC exploit for CVE-2025-21333 heap-based buffer overflow. It leverages WNF state data and I/O ring IOP_MC_BUFFER_ENTRY ☆227 Apr 12, 2025 Updated 10 months ago
- Windows Kernel Pool (clfs.sys) Corruption Privilege Escalation ☆130 Mar 22, 2024 Updated last year
- IoctlHunter is a command-line tool designed to simplify the analysis of IOCTL calls made by userland software targeting Windows drivers. ☆109 Jan 17, 2024 Updated 2 years ago
- Contains all the applications developed for the Second part of the 7th Edition of Windows Internals book ☆118 Jun 30, 2024 Updated last year
- ☆61 Aug 21, 2023 Updated 2 years ago
- A method to Disable DSE using .data ptr hooks ☆38 Feb 1, 2024 Updated 2 years ago
- IDA plugin to make classes automatically ☆20 Oct 31, 2024 Updated last year
- ☆66 May 25, 2023 Updated 2 years ago
- Exploiting the KsecDD Windows driver through Server Silos ☆76 Nov 11, 2024 Updated last year
- ANY.RUN sandbox detection collection ☆23 Aug 21, 2024 Updated last year
- anti-ransomware file-system filter ☆69 Sep 3, 2024 Updated last year
- Dirty PoC on how to abuse S1's VEH for Vectored Syscalls and Local Execution ☆43 Oct 11, 2025 Updated 4 months ago
- Windows AppLocker Driver (appid.sys) LPE ☆75 Jul 29, 2024 Updated last year
- ☆64 May 31, 2024 Updated last year
- Experiment to use sections as User/Kernelmode comm vector ☆22 Apr 7, 2023 Updated 2 years ago
- A fast execution trace symbolizer for Windows that runs on all major platforms and doesn't depend on any Microsoft libraries. ☆100 Jan 3, 2026 Updated last month
- WinDbg plugin to trace module transitions from a debugged driver. ☆40 Dec 22, 2025 Updated 2 months ago
- A tool that is used to hunt vulnerabilities in x64 WDM drivers ☆437 Dec 7, 2025 Updated 2 months ago
- comparing data of module exports from disk and memory, then caching any differences. ☆26 Dec 11, 2021 Updated 4 years ago
- Windows KASLR bypass using prefetch side-channel ☆177 Apr 26, 2024 Updated last year
- Hijacking valid driver services to load arbitrary (signed) drivers abusing native symbolic links and NT paths ☆359 Aug 11, 2024 Updated last year
- Fuzzing harnesses, corpora, scripts, and target-specific notes for fuzzing IrfanView ☆25 May 20, 2021 Updated 4 years ago
- AIDA64DRIVER Elevation of Privilege Vulnerability ☆16 Oct 25, 2024 Updated last year
- A comprehensive exploitation tool for Vcenter, covering the currently most mainstream CVE-2021-21972, CVE-2021-21985 and CVE-2021-22005, One Access's CVE-2022-22954, CVE-2022-22972/31656, and log4j, providing one-click upload of webs… ☆12 Dec 18, 2023 Updated 2 years ago
- Loads NTDLL, parses the PE file, extracts "Zw" functions, retrieves their System Service Numbers (SSNs), and prints each function’s name,… ☆15 Apr 21, 2025 Updated 10 months ago
- A solution for llvmvm in MRCTF2022 ☆11 Apr 27, 2022 Updated 3 years ago
- ☆12 Jul 12, 2022 Updated 3 years ago