H1d3r / GPU_ShellCode
☆302Updated 2 years ago
Alternatives and similar repositories for GPU_ShellCode:
Users that are interested in GPU_ShellCode are comparing it to the libraries listed below
- PoC for the Untrusted Pointer Dereference in the ks.sys driver☆275Updated 3 months ago
- Local Privilege Escalation from Admin to Kernel vulnerability on Windows 10 and Windows 11 operating systems with HVCI enabled.☆289Updated 10 months ago
- CWE-781: Improper Address Validation in IOCTL with METHOD_NEITHER I/O Control Code☆338Updated 8 months ago
- Abusing Windows fork API and OneDrive.exe process to inject the malicious shellcode without allocating new RWX memory region.☆277Updated 9 months ago
- ☆246Updated 7 months ago
- PoCs for Kernelmode rootkit techniques research.☆356Updated last month
- CPP AV/EDR Killer☆390Updated last year
- not a reverse-engineered version of the Cobalt Strike Beacon☆352Updated 11 months ago
- Experimental Windows x64 Kernel Rootkit with anti-rootkit evasion features.☆525Updated last week
- Reflective x64 PE/DLL Loader implemented using Dynamic Indirect Syscalls☆363Updated 5 months ago
- A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfve…☆510Updated 9 months ago
- A new technique that can be used to bypass memory scanners. This can be useful in hiding problematic code (such as reflective loaders imp…☆298Updated 5 months ago
- Process injection alternative☆321Updated 6 months ago
- ☆348Updated 3 months ago
- Reproducing Spyboy technique, which involves terminating all EDR/XDR/AVs processes by abusing the zam64.sys driver☆262Updated last month
- Oracle VirtualBox Elevation of Privilege (Local Privilege Escalation) Vulnerability☆218Updated 10 months ago
- Abusing mhyprotect to kill AVs / EDRs / XDRs / Protected Processes.☆389Updated last year
- Shellcode loader generator with multiples features☆457Updated 2 months ago
- Loading BOF & ShellCode without executable permission memory.☆407Updated 4 months ago
- Reflective DLL Injection Made Bella☆219Updated 2 months ago
- Dynamically convert an unmanaged EXE or DLL file to PIC shellcode by prepending a shellcode stub.☆302Updated 11 months ago
- Leverage a legitimate WFP callout driver to prevent EDR agents from sending telemetry☆390Updated 7 months ago
- DeadPotato is a windows privilege escalation utility from the Potato family of exploits, leveraging the SeImpersonate right to obtain SYS…☆373Updated 6 months ago
- Evasive shellcode loader☆346Updated 4 months ago
- Proof of Concept for manipulating the Kernel Callback Table in the Process Environment Block (PEB) to perform process injection and hijac…☆205Updated 4 months ago
- Unorthodox and stealthy way to inject a DLL into the explorer using icons☆308Updated last month
- COM ViewLogger — new malware keylogging technique☆344Updated 2 months ago
- C++ self-Injecting dropper based on various EDR evasion techniques.☆366Updated last year
- A small x64 library to load dll's into memory.☆431Updated last year
- An easily modifiable shellcode template for Windows x64 written in C☆249Updated last year