GB102 / VirtualEXploiterLinks
VFGadget locator to facilitate Counterfeit Object-Oriented Programming (COOP) and Loop-Oriented Programming (LOP) attacks to bypass advanced security protections like Intel CET and Control-Flow Guard (CFG) to achieve Remote Code Execution.
☆22Updated 8 months ago
Alternatives and similar repositories for VirtualEXploiter
Users that are interested in VirtualEXploiter are comparing it to the libraries listed below
Sorting:
- Hells Hollow Windows 11 Rootkit technique to Hook the SSDT via Alt Syscalls☆196Updated 3 months ago
- Proof of Concept for manipulating the Kernel Callback Table in the Process Environment Block (PEB) to perform process injection and hijac…☆260Updated last year
- Windows KASLR bypass using prefetch side-channel☆164Updated last year
- NovaHypervisor is a defensive x64 Intel host based hypervisor. The goal of this project is to protect against kernel based attacks (eithe…☆236Updated last month
- LLVM plugin to transparently apply stack spoofing and indirect syscalls to Windows x64 native calls at compile time.☆315Updated last year
- Rewrite and obfuscate code in compiled binaries☆266Updated last month
- ☆188Updated last year
- Ryūjin Protector - Is a Intel Arch - BIN2BIN - PE Obfuscation/Protection/DRM tool☆249Updated last week
- Virtual Trust Level (VTL 1) secure call tracing☆83Updated 3 months ago
- Windows 11 24H2-25H2 Runtime PatchGuard Bypass☆215Updated 3 weeks ago
- Reverse engineering winapi function loadlibrary.☆224Updated 2 years ago
- Process Injection using Thread Name☆281Updated 7 months ago
- A tool that is used to hunt vulnerabilities in x64 WDM drivers☆414Updated 2 weeks ago
- An x86-64 code virtualizer for VM based obfuscation☆143Updated 11 months ago
- Admin to Kernel code execution using the KSecDD driver☆260Updated last year
- Post exploitation technique to turn arbitrary kernel write / increment into full read/write primitive on Windows 11 22H2☆245Updated 3 years ago
- POC exploit for CVE-2025-21333 heap-based buffer overflow. It leverages WNF state data and I/O ring IOP_MC_BUFFER_ENTRY☆222Updated 7 months ago
- This repo contains EXPs about Vulnerable Windows Driver☆46Updated last year
- Obfusk8: lightweight Obfuscation library based on C++17 / Header Only for windows binaries☆376Updated 6 months ago
- An example of an external LLVM plugin module transform pass for the latest versions.☆14Updated last month
- Single header version of System Informer's phnt library.☆233Updated last week
- Leaking kernel addresses from ETW consumers. Requires Administrator privileges.☆85Updated 3 weeks ago
- HEVD Exploit: ArbitraryWrite on Windows 10 22H2 - Bypassing KVA Shadow and SMEP via PML4 Entry Manipulation☆35Updated last year
- The Windbg extensions to study Hyper-V on Intel and AMD processors.☆167Updated 3 months ago
- A set of LLVM and GCC based plugins that perform code obfuscation.☆133Updated last month
- ROP ROCKET is an advanced code-reuse attack framework, with extensive ROP chain generation capabilities, including for novel Windows Sysc…☆159Updated 2 months ago
- Playing around with Thread Context Hijacking. Building more evasive primitives to use as alternative for existing process injection techn…☆192Updated 5 months ago
- Converted phnt (Native API header files from the System Informer project) to IDA TIL, IDC (Hex-Rays).☆158Updated last year
- ☆95Updated last year
- A serie of exploits targeting eneio64.sys - Turning Physical Memory R/W into Virtual Memory R/W☆105Updated last month