GB102 / VirtualEXploiterLinks
VFGadget locator to facilitate Counterfeit Object-Oriented Programming (COOP) and Loop-Oriented Programming (LOP) attacks to bypass advanced security protections like Intel CET and Control-Flow Guard (CFG) to achieve Remote Code Execution.
☆23Updated 9 months ago
Alternatives and similar repositories for VirtualEXploiter
Users that are interested in VirtualEXploiter are comparing it to the libraries listed below
Sorting:
- Hells Hollow Windows 11 Rootkit technique to Hook the SSDT via Alt Syscalls☆209Updated 4 months ago
- ☆190Updated last year
- ☆111Updated last month
- Virtual Trust Level (VTL 1) secure call tracing☆86Updated 4 months ago
- Leaking kernel addresses from ETW consumers. Requires Administrator privileges.☆89Updated 2 months ago
- Walks the CFG bitmap to find previously executable but currently hidden shellcode regions☆129Updated 2 years ago
- Ryūjin Protector - Is a Intel Arch - BIN2BIN - PE Obfuscation/Protection/DRM tool☆280Updated last month
- LLVM plugin to transparently apply stack spoofing and indirect syscalls to Windows x64 native calls at compile time.☆319Updated last year
- NovaHypervisor is a defensive x64 Intel host based hypervisor. The goal of this project is to protect against kernel based attacks (eithe…☆236Updated 3 months ago
- Reverse engineering winapi function loadlibrary.☆230Updated 2 years ago
- Proof of Concept for manipulating the Kernel Callback Table in the Process Environment Block (PEB) to perform process injection and hijac…☆266Updated last year
- ☆54Updated 5 months ago
- a modified CONTEXT based ropchain to circumvent CFG-FindHiddenShellcode and EtwTi-FluctuationMonitor☆107Updated last year
- Hooking KPRCB IdlePreselect function to gain execution inside PID 0.☆73Updated 9 months ago
- Playing around with Thread Context Hijacking. Building more evasive primitives to use as alternative for existing process injection techn…☆195Updated 6 months ago
- Uses Threat-Intelligence ETW events to identify shellcode regions being hidden by fluctuating memory protections☆160Updated 2 years ago
- A set of LLVM and GCC based plugins that perform code obfuscation.☆136Updated 2 months ago
- Process Injection using Thread Name☆293Updated 8 months ago
- Finding Truth in the Shadows☆120Updated 2 years ago
- A serie of exploits targeting eneio64.sys - Turning Physical Memory R/W into Virtual Memory R/W☆108Updated 2 months ago
- Monitors ETW for security relevant syscalls maintaining the set called by each unique process☆87Updated 2 years ago
- An example of an external LLVM plugin module transform pass for the latest versions.☆14Updated 2 months ago
- Windows KASLR bypass using prefetch side-channel☆171Updated last year
- Stack Spoofing with Synthetic frames based on the work of namazso, SilentMoonWalk, and VulcanRaven☆250Updated last year
- Admin to Kernel code execution using the KSecDD driver☆258Updated last year
- This repo contains EXPs about Vulnerable Windows Driver☆47Updated last year
- MIPS VM to execute payloads without allocating executable memory. Based on a PlayStation 1 (PSX) Emulator.☆123Updated last year
- Uses ghidra to find all ETW write metadata for each API in a PE file☆24Updated last year
- HEVD Exploit: ArbitraryWrite on Windows 10 22H2 - Bypassing KVA Shadow and SMEP via PML4 Entry Manipulation☆34Updated last year
- Rewrite and obfuscate code in compiled binaries☆273Updated last month