Keramas / WindowsKernelExploits
Repository for Windows 10 x64 kernel research, exploitation learning, and reference/supplementary code.
☆14Updated 4 years ago
Alternatives and similar repositories for WindowsKernelExploits:
Users that are interested in WindowsKernelExploits are comparing it to the libraries listed below
- Antivirus Emulator Fingerprints☆27Updated 6 years ago
- Adapt practically persistence steadiness strategies working at Windows 10 utilized by sponsored nation-state threat actors, as Turla, Pro…☆20Updated 4 years ago
- Code for blog written at 0xdarkvortex.dev Red Team TTPs Part 2☆18Updated 4 years ago
- Visual Studio (C++) Solution Template for Payloads☆18Updated 5 years ago
- PoC code from blog☆16Updated 4 years ago
- NT AUTHORITY\SYSTEM☆37Updated 4 years ago
- Files related to my presentation at SigSegV2 conference in 2019. You can find related papers on my blog☆13Updated 5 years ago
- A simple injector that uses LoadLibraryA☆17Updated 4 years ago
- A collection of my presentation materials.☆16Updated 9 months ago
- Pinjectra is a C/C++ OOP-like library that implements Process Injection techniques (with focus on Windows 10 64-bit)☆15Updated 4 years ago
- Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the in…☆19Updated 4 years ago
- C# Implementation of Jared Atkinson's Get-InjectedThread.ps1☆51Updated 3 years ago
- ☆16Updated 3 years ago
- ☆24Updated 3 years ago
- "An Introduction to Windows Exploit Development" is an open sourced, free Windows exploit development course I created for the Southeast …☆39Updated 4 years ago
- DLL hijacking vulnerability scanner and PE infector tool☆17Updated 7 years ago
- ☆11Updated 3 years ago
- Loading and executing shellcode in C# without PInvoke.☆20Updated 3 years ago
- A tool to sync mythic events with ghostwriter oplog.☆12Updated 3 months ago
- AMSI detection PoC☆31Updated 4 years ago
- ☆20Updated 4 years ago
- Create a C++ PE which loads an XTEA-crypted .NET PE shellcode in memory.☆16Updated 6 years ago
- Extract all IP of a computer using DCOM without authentication (aka detect network used for administration)☆26Updated 4 years ago
- The repository accompanying the Buer Emulation workshop☆24Updated 3 years ago
- ☆15Updated last year
- A PowerShell script to prevent Sysmon from writing its events☆15Updated 4 years ago
- This is a Shell Script to setup NTLM hash sniffing using the Raspberry Pi Zero. This tool can be used during Red Team assessments by atta…☆22Updated 7 years ago
- Dump Lsass Memory Using a Reflective Dll☆14Updated 3 years ago
- C# code to run PIC using CreateThread☆16Updated 5 years ago
- POC code to crash Windows Event Logger Service☆26Updated 4 years ago